ship

SUSPICIOUS: the core workflow matches its stated purpose, but it grants a highly autonomous agent the ability to merge, commit, push, open PRs, and post review replies with minimal user gating. Supply-chain risk is moderate from same-org local gstack executables installed via unpinned clone/setup, but there is no clear evidence of malware or credential theft.