gh
Warn
Audited by Socket on Apr 10, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS. The underlying GitHub CLI use is legitimate, but the skill is not internally clean: it markets itself as `gh` while directing execution through third-party x-cmd, installed via remote shell. The capabilities broadly fit GitHub workflow management, but the install and execution path is not proportionate to the stated purpose and creates unnecessary credential and supply-chain risk.
Confidence: 88%
Severity: 74%