auto-review-fix

Warn

Audited by Socket on Apr 4, 2026

1 alert found:

Anomaly (severity: LOW)
File: SKILL.md

SUSPICIOUS. The skill is purpose-aligned for automated code review/fixing and shows no clear exfiltration or malware behavior, but it grants an AI agent broad autonomous authority to inspect untrusted code, edit files, run project scripts, and create commits without per-action approval. The main risks are autonomous action and indirect prompt injection from repository content, not supply-chain abuse or credential theft.

Confidence: 90%
Severity: 58%
Audit Metadata
Analyzed At
Apr 4, 2026, 05:31 PM
Package URL
pkg:socket/skills-sh/stablyai%2Forca%2Fauto-review-fix%2F@79a2129664dd8c3f13f1eb25dc0577a941b91a2a