review-pr
Warn
Audited by Socket on Apr 23, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: The skill’s core behavior matches PR review, and its main network path is official GitHub tooling, so it is not fundamentally incompatible with its purpose. However, it enables autonomous public write actions on GitHub, processes untrusted PR/repo content with parallel agents, and relies partly on unspecified custom MCP/fallback commands, making the overall security posture medium risk rather than benign.
Confidence: 88%
Severity: 58%
Audit Metadata