production-code-audit

Warn

Audited by Socket on Mar 18, 2026

1 alert found:

Security: MEDIUM
SKILL.md

The skill's high-level purpose (automated production-grade audit and remediation) is plausible, but its default autonomy (read every file, modify codebase, run tests, create integrations) is dangerous. There is no explicit malicious payload in the provided spec, but the behavior enables multiple supply-chain and data-exfiltration risks if executed without strict controls. Treat the skill as unsafe to run in autonomous write/execute mode. Recommended: restrict to read-only analysis, require explicit per-change approval, sandbox any execution of repository code, never auto-install or send discovered secrets, and require user-provided, vetted endpoints/credentials for integrations.

Confidence: 98%
Severity: 75%
Audit Metadata
Analyzed At: Mar 18, 2026, 04:48 PM
Package URL: pkg:socket/skills-sh/sickn33%2Fantigravity-awesome-skills%2Fproduction-code-audit%2F@2b865b872fe684f301ce1f97eb801fef3ccdbe19