ship

SUSPICIOUS: the skill’s capabilities mostly fit its stated PR-shipping purpose and installer trust is reasonable, but it grants an agent broad autonomous repository actions including push, PR creation, CI-driven edits, and merge. Risk is driven by action scope and transitive/local subagent trust, not clear credential theft or malicious exfiltration.