journey-builder

Warn

Audited by Socket on Mar 29, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS. The core journey-building behavior is plausible, but the mandatory hard-coded gist fetch introduces high indirect prompt-injection risk, and the skill also exfiltrates troubleshooting content back to GitHub via gist edits. Official tooling lowers supply-chain concern, yet the external content dependency and broad autonomous write/commit scope make the skill higher-risk than its stated purpose requires.

Confidence: 89%
Severity: 77%
Audit Metadata
Analyzed At: Mar 29, 2026, 05:42 AM
Package URL: pkg:socket/skills-sh/sunfmin%2Fautocraft%2Fjourney-builder%2F@cd0080e936870c8801e30540b2e7184727892aa1