project-session-manager

SUSPICIOUS. The core git-worktree/tmux/GitHub behavior matches the stated purpose and data flows are mostly legitimate, but the skill materially increases execution trust by launching Claude with --dangerously-skip-permissions and automating repo-affecting actions. Jira support adds moderate third-party dependency risk, though not enough alone to suggest malware.