pull-request

No direct malicious code or obfuscation is present in this Skill instruction file. The file describes a coherent automation for creating/updating GitHub pull requests and the requested capabilities align with the stated purpose. However, there are security/usability risks: it explicitly forbids checking repository status or prompting to push, which can lead to accidental PRs created/updated from an unexpected repository state. The actual execution and any network or credential use is delegated to the git-operations-specialist skill — that delegated component must be audited because it will run gh commands and access credentials. Overall: not malicious, but moderate operational risk due to aggressive constraints and reliance on a delegated executor.