find-reviewable-pr

Warn

Audited by Socket on Mar 1, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This skill is a repository-local instruction file that guides users/agents to run a PowerShell script which queries GitHub for prioritized PRs in dotnet/maui and dotnet/docs-maui. It requires GitHub CLI authentication (potentially including read:project scope) to retrieve project board data. I found no evidence of malicious behavior: no external untrusted downloads, no credential exfiltration to third-party domains, no obfuscated code, and no commands that would perform autonomous destructive actions. The main risks are normal for a tool that requires an authenticated GitHub token (scope misuse risk if the token is over-privileged) and a slight concern about the strict 'no fallback' instruction which is a workflow constraint rather than a security exploit. Overall the file appears coherent and proportionate to its stated purpose.

Confidence: 85%
Severity: 75%

Audit Metadata
Analyzed At: Mar 1, 2026, 02:37 AM
Package URL: pkg:socket/skills-sh/dotnet%2Fmaui%2Ffind-reviewable-pr%2F@857215168a51ce62f186e1abeffe7a7897e98f4a