autopilot

SUSPICIOUS. The skill’s capabilities mostly match its stated purpose, but its footprint is high risk because it turns untrusted issue content into autonomous code execution, repo modification, and PR creation. No clear credential harvesting or exfiltration appears, so this looks more like an overpowered automation skill than confirmed malware.