ah-review-code

SUSPICIOUS: the core review workflow is mostly aligned with its stated purpose and uses official GitHub tooling, but risk is elevated by broad delegation to unverified local subskills, persistent storage of diffs/reviews, processing of untrusted diff content, and optional autonomous PR review submission. No clear evidence of malware or credential harvesting appears in this artifact.