autopilot

SUSPICIOUS: the skill’s behavior is broadly aligned with an 'autopilot developer workflow,' but its trust footprint is high. The main concerns are extensive autonomous real-world actions without intermediate approval, transitive execution through other skills, and reliance on an unverifiable `af` CLI for Jira/Jenkins operations. No clear evidence of malware or credential theft was shown, but the overall security risk is high.