pr-qa
Warn
Audited by Socket on Apr 8, 2026
1 alert found:
Anomaly (LOW) in SKILL.md
The skill is largely aligned with its stated PR-QA purpose and uses official GitHub APIs, but it is operationally high-impact: it can take autonomous GitHub actions and acts on untrusted external review content while retaining code-write and command-exec capabilities. This makes it suspicious from a security-risk perspective, though not malicious; the biggest concerns are autonomy abuse and indirect prompt injection, with moderate installer trust risk around optional gitleaks installation paths.
Confidence: 86%
Severity: 68%
Audit Metadata