triage-issue

SUSPICIOUS. The skill’s capabilities broadly match its stated triage purpose and its tool/data flows are mostly GitHub-native, but it gives an AI agent high-impact autonomous abilities over a code repository while consuming untrusted issue content. The main risk is prompt-injection and unintended repository/public actions, not credential theft or malware.