github-pr-fixer

Warn

Audited by Socket on May 8, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS: The skill’s purpose mostly matches its capabilities, but it is high-impact. The main concerns are autonomous write actions on GitHub, execution of repo-defined commands from untrusted project context, and automatic installation of a third-party `gh` extension. Data flows stay largely within GitHub and the local repo, so this is not clearly malicious, but it is risky and should require strong user trust and approval boundaries.

Confidence: 89%
Severity: 76%

Audit Metadata

Analyzed At: May 8, 2026, 08:53 AM
Package URL: pkg:socket/skills-sh/Satone7%2Fskills%2Fgithub-pr-fixer%2F@4fe7023b021dd46c077d383ac6cbe4769b2e5f46