task-orchestrator

Fail

Audited by Socket on Mar 18, 2026

1 alert found:

Malware (HIGH)
SKILL.md

SUSPICIOUS. The skill’s core behavior is coherent for orchestration, but it grants an AI agent high-impact autonomous capabilities: executing Codex with `--yolo`, consuming untrusted GitHub issue content, self-healing without approval, and pushing code plus creating PRs automatically. The main risks are autonomy abuse, indirect prompt injection, and shell/prompt injection via issue-derived text, not malicious installer provenance.

Confidence: 93%
Severity: 82%

Audit Metadata
Analyzed At: Mar 18, 2026, 04:01 PM
Package URL: pkg:socket/skills-sh/jdrhyne%2Fagent-skills%2Ftask-orchestrator%2F@bf43b5ec3007ce47b87d0b8dfa833545e0d1e23f