The skill mostly matches its stated purpose, but it can access private repository data, send analysis to LLM providers, cache sensitive project content, and directly modify agent instruction files.
Review before installing. Use only with repositories you are authorized to analyze, prefer least-privilege GitHub/Azure credentials, avoid the curl-to-bash install path unless you inspect and pin the script, and do not accept AGENTS.md updates until you review the exact diff. Treat LLM analysis as potentially sending or exposing private agent instructions and commit context, and purge ~/.god-mode if you no longer want the cached data retained.