pr-demo-recorder

The skill's core behavior is mostly aligned with PR demo creation, but its trust model is weak. The biggest concerns are silent installation of third-party components, transitive installation of another skill, and use of a community `gh-image` extension that extracts GitHub session cookies to upload assets. This makes the skill suspicious rather than outright malicious: the demo-recording purpose is coherent, but the install chain and credential handling are broader and riskier than necessary.