av-cli

Warn

Audited by Socket on Mar 3, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This skill is an operational instruction file for using the Aviator 'av' CLI to manage stacked pull request workflows. Its capabilities (reading av/av.db, invoking av and git commands, interacting with remotes) are consistent with the stated purpose. There are no direct signs of malware, remote exfiltration endpoints, obfuscated code, or download-and-execute chains inside the provided content. The main risks are operational. The skill instructs agents to run commands that can push to remotes and manipulate repository state, using existing git credentials, and it assumes the av CLI is trusted and already present. If an agent autonomously installs or fetches an av binary from an untrusted source, that would increase supply-chain risk. Overall, the content appears appropriate for the declared purpose, but it should only be used in environments where av is installed from a trusted source and where the agent's ability to push or create PRs is intentionally permitted and controlled.

Confidence: 85%
Severity: 75%

Audit Metadata

Analyzed At: Mar 3, 2026, 04:30 PM
Package URL: pkg:socket/skills-sh/aviator-co%2Fagent-plugins%2Fav-cli%2F@f101c0aa638fed130bbcf5a7b97f78632b4d1105