quality-gate

SUSPICIOUS: the core review workflow is coherent, but the skill exceeds a normal quality-gate role by auto-editing code, committing, and potentially pushing changes, while also delegating to other skills. Main concerns are autonomous real-world actions and transitive trust, not credential theft or overt malware.