autofix

Warn

Audited by Socket on Mar 20, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS. The core GitHub tooling and data flow are mostly aligned with the stated purpose, but the skill's defining behavior is unsafe: it instructs the agent to execute CodeRabbit PR comment prompts as direct instructions, then edit code and optionally commit/push/post results. This creates a high indirect prompt-injection risk and meaningful autonomy risk even without obvious credential theft or malicious install behavior.

Confidence: 90%
Severity: 79%
Audit Metadata
Analyzed At
Mar 20, 2026, 07:07 AM
Package URL
pkg:socket/skills-sh/coderabbitai%2Fclaude-plugin%2Fautofix%2F@6846c2564fa8345232845b8b799fbec4b1d8093f