fix

SUSPICIOUS. The skill’s core capabilities mostly match its stated bug-fixing purpose, and there is no clear credential harvesting or external exfiltration path. However, it is a high-impact operational skill: it instructs immediate execution, can modify code/docs/state, run tests, parse conversation-derived review content, delegate to sub-agents, and create commits with limited confirmation, which makes it medium risk despite generally coherent scope.