release-health

SUSPICIOUS. The release-audit purpose is coherent, but the skill relies on an unverified external `gh-manager` binary to perform both analysis and privileged GitHub write/publish actions. Because the likely tool is a personal third-party CLI that would receive GitHub credentials, the supply-chain and credential-forwarding risks are disproportionate unless the publisher can prove an official, versioned, auditable source.