skill-dev-workflow

[Skill Scanner] Skill instructions include directives to hide actions from user The skill fragment is a coherent, purpose-aligned workflow specification for orchestrating end-to-end skill development within CaldiaWorks. It prescribes standard automation steps, artifact management, and repository operations. While it implies credentialed actions (GitHub/CLI) and external skill invocations, these are typical for such workflows and do not by themselves indicate malicious behavior. The design appears benign but should be used with proper access controls and auditing to ensure credentials and repository operations remain secure. LLM verification: The document defines a legitimate-sounding skill orchestration for a repo development workflow, but it includes high-risk operational directives: a 'must execute every internal step' rule that can force irreversible repo/GitHub modifications, and a static-scanner-flagged instruction to hide actions from the user. The skill delegates many sensitive operations (creating branches/commits/PRs, creating and closing issues) to invoked skills and CLI tools without specifying trust boundaries or explici