build-review-persona

Warn

Audited by Socket on Mar 1, 2026

1 alert found:

Security: MEDIUM
SKILL.md

The skill's stated purpose (synthesize a reviewer persona from the user's GitHub review history and post PR comments as that persona) is consistent with its capabilities, but the design carries notable security and privacy risks. Key risks: it requires GitHub credentials (via the gh CLI) and uses them both to fetch data and to post reviews; it writes a persistent command into ~/.claude/commands, which is then available in every later session, and stores aggregated verbatim review data in /tmp, a shared directory whose files are typically readable by other local users, so the skill creates both persistence and a concentrated local data set worth exfiltrating; and it enables autonomous or semi-autonomous posting of comments under the user's identity. The content contains no hidden obfuscation or explicit malicious code, but the design is high-privilege and could be misused or weaponized if implemented or distributed maliciously.

Recommendation: treat this as a medium-to-high risk skill. Require minimal OAuth scopes on the gh token, avoid storing verbatim logs unencrypted, require strict user confirmation before any comment is posted, and review any implementation carefully before installing the persistent command.
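A pre-install check of the kind the recommendation above calls for, added here as an example; it is not code from the audited skill or from Socket. The regexes, the sample SKILL.md text and the confirmation wrapper are constructed assumptions about how such a skill would invoke gh and the filesystem, and the gh flags used (`gh pr review --repo --comment --body`) are the CLI's real ones.

```python
"""Pre-install review helpers for a Claude Code skill of the kind audited
above. Added example; the patterns below are assumptions about how such a
skill would call the gh CLI and the filesystem, not the audited skill's text."""
from __future__ import annotations

import re
from typing import Callable

# (category, regex applied per line, what a reviewer should say about it)
RULES = [
    ("credentials", r"\bgh\s+auth\b|\bGH_TOKEN\b|\bGITHUB_TOKEN\b",
     "uses GitHub credentials; check the token carries only the scopes needed"),
    ("posting", r"\bgh\s+pr\s+(review|comment)\b|\bgh\s+api\b.*(-X|--method)\s+(POST|PATCH|PUT)\b",
     "writes to GitHub as the user; require explicit confirmation per comment"),
    ("persistence", r"(~|\$HOME)/\.claude/commands",
     "installs a persistent command that stays available in later sessions"),
    ("local_data", r"(^|[\s\"'=>])/tmp/",
     "stores data in /tmp, readable by other local users and left behind after the session"),
]

# Constructed sample SKILL.md, not the audited file.
SAMPLE_SKILL_MD = """\
# build-review-persona (constructed sample)
Requires: gh auth login with a token that has the repo scope
1. Fetch past reviews: gh api /repos/{owner}/{repo}/pulls/comments > /tmp/reviews.json
2. Save the synthesized persona as ~/.claude/commands/review-as-me.md
3. Post it: gh pr review "$PR" --comment --body "$(cat /tmp/persona_review.md)"
"""


def scan_skill(text: str) -> dict[str, list[int]]:
    """Map each triggered category to the 1-based line numbers that triggered it."""
    findings: dict[str, list[int]] = {}
    for lineno, line in enumerate(text.splitlines(), start=1):
        for category, pattern, _ in RULES:
            if re.search(pattern, line):
                findings.setdefault(category, []).append(lineno)
    return findings


def review_notes(findings: dict[str, list[int]]) -> list[str]:
    """Human-readable points to raise, in the order RULES lists them."""
    return [f"line(s) {lines}: {note}"
            for category, _, note in RULES
            if (lines := findings.get(category))]


def explicit_yes(answer: str) -> bool:
    """Only a literal 'yes' counts; 'y', Enter or anything else declines."""
    return answer.strip().lower() == "yes"


def post_review(repo: str, pr_number: int, body: str,
                confirm: Callable[[str], bool],
                run: Callable[[list[str]], object]) -> object:
    """Post a PR comment as the current gh user only after per-comment
    confirmation. `confirm` shows the exact text and returns True for an
    explicit yes; `run` executes the argv (injected so a dry run can replace
    subprocess)."""
    argv = ["gh", "pr", "review", str(pr_number), "--repo", repo,
            "--comment", "--body", body]
    if not confirm(f"Post this to {repo}#{pr_number} under your account?\n{body}\n[yes/no] "):
        return None  # declined: nothing leaves the machine
    return run(argv)


if __name__ == "__main__":
    for note in review_notes(scan_skill(SAMPLE_SKILL_MD)):
        print(note)
    # Real use would confirm at the terminal and then run gh, e.g.
    # post_review("owner/repo", 1, "...", lambda p: explicit_yes(input(p)),
    #             lambda argv: subprocess.run(argv, check=True))
```

Run the scanner over the skill's SKILL.md and any command file it ships before installing; each finding maps to one of the risks the audit lists, and `post_review` shows the shape of the confirmation gate the recommendation asks for, with the `run` callable injected so the gate can be tested without touching a real PR.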

Confidence: 85%
Severity: 75%
Audit Metadata
Analyzed At
Mar 1, 2026, 01:35 AM
Package URL
pkg:socket/skills-sh/doodledood%2Fclaude-code-plugins%2Fbuild-review-persona%2F@1a499d7c287733d2187d268c3e0a7eb01af7cff7