pr-review
Audited by Socket on Feb 27, 2026
1 alert found:
Security: This SKILL.md matches its intended function of an automated PR reviewer and contains no direct signs of malware (no external attacker domains, no download-and-execute patterns, no obfuscated payloads). The primary security concerns are operational: it instructs using high-privilege gh/git operations (reading repo state, posting reviews, resolving threads, and pushing commits) without prescribing least-privilege tokens, approval gates, or polling limits. Recommendations: require and document minimal token scopes, add explicit human-approval or strict rules for any autonomous push, cap CI polling duration and frequency, avoid printing repository secrets to logs, and restrict push privileges to a dedicated bot account or branch. With these mitigations the risk is manageable; without them the bot could be used (or misused) to modify repository content or leak sensitive data if the runner or token is compromised.