crane-audit

SUSPICIOUS. The core purpose is coherent: PR audit, local rule checks, and reporting only. Main concerns are the unverified `gw` wrapper provenance and the higher-risk pattern of ingesting untrusted PR content while retaining command execution capability for type checks. No clear credential harvesting, exfiltration, or deceptive behavior is present.