GitHub PR Manager

The skill provides automated GitHub PR management, which inherently requires high-risk capabilities such as handling GitHub Personal Access Tokens (PAT) with 'repo' and 'workflow' scopes and performing automated write operations like 'git push --force-with-lease'. While these actions are aligned with the stated purpose in SKILL.md and references/workflow.md, the automated execution of shell commands for credential login (gh auth login) and repository modification poses a significant security risk. No clear evidence of intentional malice or data exfiltration was found, but the broad permissions and automated lifecycle management meet the criteria for a suspicious classification.