update-release-graph

SUSPICIOUS: The skill’s functionality is coherent for release-graph maintenance, and its installs use standard package managers rather than raw download-execute chains. However, trust is reduced because the main tool comes from a GitHub Packages feed under a personal namespace and requires forwarding/storing a GitHub token in clear text, with no strong evidence that this is the canonical official distribution for the tool.