auto-pr-merge

Warn

Audited by Socket on Apr 4, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS: the tooling and data flow are mostly consistent with GitHub PR automation, but the skill is high-risk because it explicitly removes user approval and performs privileged repository actions, including admin-override merges and autonomous code changes. This is not clear malware or credential theft, but it is an unsafe AI-agent capability with disproportionate authority.

Confidence: 92%
Severity: 88%
Audit Metadata

Analyzed At: Apr 4, 2026, 05:31 PM
Package URL: pkg:socket/skills-sh/stablyai%2Forca%2Fauto-pr-merge%2F@2d4220a9cb5cdb7de8568f95956d04e2a8342cf7