django-triage
Audited by Socket on Feb 19, 2026
1 alert found:
Obfuscated File
The skill legitimately implements triage workflows (Trac, forum, GitHub, optional local source analysis) and its capabilities are appropriate for that purpose. However, it executes local scripts via uv and uses the user's gh CLI authentication — both are significant trust boundaries. Because the scripts are not included for review, they could read sensitive local files, misuse the GitHub token, or exfiltrate data. No explicit malicious code or hard-coded secrets are present in the SKILL.md itself, so there is no conclusive evidence of malware, but the design permits high-risk actions.
Recommendation: Do not run these scripts until ./scripts/*.py and the uv binary are audited; run in a sandbox with limited privileges; use minimal-scope GitHub credentials.