dev-workflow

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware: HIGH
SKILL.md

[Skill Scanner] Instruction to copy/paste content into terminal detected.

This skill is an orchestration/instruction document for a development workflow. It is internally consistent: capabilities match the stated purpose, and the requested operations are proportional. No indicators of deliberate malicious code were found in the content. Primary security considerations are operational: (1) invoking external code-review services can leak repository contents to those providers, so use trusted providers and sanitize secrets before review; (2) copying whole vendor directories may duplicate sensitive files. No hardcoded credentials, obfuscation, or suspicious network destinations were found.

LLM verification: The skill is benign in intent and aligns with its stated purpose of orchestrating a development workflow. I found no obfuscated code, backdoors, or hardcoded credentials in the provided text. The primary security concern is privacy/exfiltration risk: invoking cloud-based code-review CLIs and copying the Vendor directory can result in sensitive repository contents being transmitted to external services. Recommend adding explicit cautions about sensitive files, options for local reviews, and clari

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 16, 2026, 01:34 PM
Package URL: pkg:socket/skills-sh/beshkenadze%2Fclaude-skills-marketplace%2Fdev-workflow%2F@6ef9891234cc161ecdadf161c8597903f89927ab