review-github-pr

Warn

Audited by Socket on Apr 12, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS: the skill's GitHub access and review-posting behavior fit its stated purpose, and data goes directly to official GitHub tooling. However, it reviews untrusted PR content and then executes repository-influenced commands from `CLAUDE.md`, creating a significant indirect prompt-injection and untrusted-command-execution risk. Not malicious on its face, but risky to run against untrusted repositories or PRs without isolation.

Confidence: 88%
Severity: 68%
Audit Metadata
Analyzed At
Apr 12, 2026, 01:12 AM
Package URL
pkg:socket/skills-sh/tenequm%2Fskills%2Freview-github-pr%2F@31613e6e87e45fe91216d455ce01a0a5b59c5c7c