ai-review-validator

[Skill Scanner] Natural language instruction to download and install from URL detected SUSPICIOUS: The skill's stated purpose matches its capabilities, and network endpoints used (api.github.com and official docs) are legitimate. However, the automation includes high-risk operations: creating files, running arbitrary compile/test shell commands using suggestion-derived content, and making mandatory commits that inject external URLs into repository history. These behaviors are proportionate only if strict safeguards are implemented (sandboxing, validated whitelists for web_fetch targets, explicit handling of credentials, and human approval gates). Without those protections the skill can be abused for code execution and repository history manipulation. I classify this as suspicious rather than overtly malicious. LLM verification: This skill's intent (validate and optionally apply AI Review suggestions) is plausible and many capabilities align with that purpose. However, the combination of automatic modification+commit, mandatory embedding of an external comment URL into commit history, unrestricted web searches/fetches for verification, and execution of generated test/compile jobs creates a medium-to-high supply-chain risk. An attacker who can create or influence AI Review comments or the verification search results coul