gitwhy-context-saving

SUSPICIOUS. The skill’s capabilities broadly match its stated purpose, but it relies on an unidentified GitWhy CLI/MCP service and sends potentially sensitive engineering context to an unnamed cloud backend. The main issue is unverifiable provenance and opaque data routing, not confirmed malicious behavior.