coderabbit-core-workflow-a
Warn
Audited by Socket on Mar 24, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: the workflow purpose is plausible and mostly aligned with CodeRabbit usage, but trust is weakened by transitive dependency on another skill, mixed/unclear official domains, broad npm-capable bash permission, and unspecified credential handling. Not enough evidence of malware or clear exfiltration beyond the stated code-review service, but the install/auth chain should be verified before use.
Confidence: 84%
Severity: 58%
Audit Metadata