github-code-review

SUSPICIOUS — This skill's stated purpose (automated multi-agent GitHub code review) is plausible, but several example implementations and capabilities expand privileges without adequate safeguards. The webhook handler executes shell commands derived directly from PR comments/webhook payloads (command injection risk) and npx-run components imply untrusted code will be installed and executed at runtime (supply-chain risk). Auto-fix and auto-merge features increase blast radius. Recommended: do not deploy these examples as-is. Add strict webhook signature verification, validate and sanitize comment commands, avoid execSync with untrusted input, pin and verify packages (checksums/signatures), least-privilege tokens, require human approvals for auto-merge/auto-fix, and sandbox custom agent execution. If unable to harden, treat this skill as high-risk.