GitHub Workflow

Fail

Audited by Socket on Mar 10, 2026

4 alerts found:

Obfuscated File (x4)

Obfuscated File, severity HIGH
skills/gh-pr-request/SKILL.md

The skill appears benign and purpose-aligned: it reads repository metadata to suggest reviewers and uses official GitHub CLI calls to request those reviewers. It does not introduce credential harvesting, external data exfiltration, or arbitrary download-execute patterns. The main considerations are ensuring proper authentication scope and preventing inadvertent exposure of internal reviewers, which can be mitigated with proper access controls and review policies.

Confidence: 98%
Obfuscated File, severity HIGH
skills/gh-issue/SKILL.md

The skill's footprint is coherent with its stated purpose: it orchestrates GitHub issue management via gh CLI or MCP, applying local templates and performing standard issue lifecycle actions. The security posture is benign-to-low risk: no unverifiable binaries, no credential harvesting patterns, and data flows are restricted to GitHub interactions and user-facing outputs. Minor concerns include relying on CLI authentication without explicit in-skill credential handling, but this is typical for developer tooling and does not inherently introduce risk if the user has authenticated already. Overall, classify as BENIGN with low security risk.

Confidence: 98%
Obfuscated File, severity HIGH
skills/gh-tag/SKILL.md

Benign. The skill coherently implements Git tag management within its stated scope (create, list, annotate, push, delete) without introducing external dependencies, credential harvesting, or unintended data flows. The network activity is expected (tag pushes to a Git remote) and relies on standard Git authentication mechanisms. No suspicious credential access or supply-chain activities detected.

Confidence: 98%
Obfuscated File, severity HIGH
skills/gh-pr-respond/SKILL.md

The skill is coherently scoped to read and respond to PR review comments, with optional local file edits. Data flows align with the stated purpose (GitHub API interactions and local git worktree). No suspicious install patterns, unverifiable binaries, or credential harvesting observed. Overall, the footprint is benign and proportional to its described purpose.

Confidence: 98%
Audit Metadata
Analyzed At
Mar 10, 2026, 03:20 AM
Package URL
pkg:socket/skills-sh/dtsong%2Fmy-claude-setup%2Fgithub-workflow%2F@bca856bfdec0bad892a9d828c67c32c1b44a7687