security-review

The security-review skill appears coherently scoped to its stated purpose of auditing newly introduced changes for high-confidence security concerns. There are no evident risk vectors involving input coercion, credential leakage, or remote code execution within the described workflow. The tool relies on standard git commands and produces a report; as long as the PR content remains the sole source of analysis, the risk surface is minimal and proportional to the changes being reviewed.