heal-pr

The heal-pr skill presents a coherent, governance-friendly workflow for PR healing using standard GitHub CLI and Git operations. Its actions are aligned with the stated purpose, focusing on fixing CI, resolving comments, and merging conflicts with iterative checks. There are no evident credential exfiltration or malicious data flows. The primary risks are related to automation of potentially destructive actions (rebases and force-pushes) and the possibility of unintended changes if misinterpreting CI failures or review comments; these are mitigated by per-change commits, explicit user confirmation for rebases/force-push, and thorough verification via CI. Overall, the footprint is Benign to Suspicious but not Malicious, with a moderate securityRisk primarily due to automation potential. Implementers should ensure explicit user confirmation for disruptive actions and maintain clear audit trails in PR bodies and commit messages.