coding-agent

SUSPICIOUS. The skill’s purpose is coherent, but its footprint is high-risk: it delegates broad shell/file authority to external coding-agent CLIs, encourages unsafe autonomy flags, and enables autonomous GitHub actions and PR handling on untrusted content. No clear credential-stealing or exfiltration behavior is present, so this is not confirmed malware, but the operational risk is materially above normal.