pr-guardian

SUSPICIOUS: the core GitHub polling behavior is coherent and uses official tooling, but the skill crosses into high-autonomy orchestration by proactively invoking itself and repeatedly dispatching code-changing fix skills based on external PR/CI/review content. Main concerns are autonomy and transitive downstream skill risk, not malware or credential theft.