gh-fix-ci

SUSPICIOUS: The core gh-based CI debugging workflow is coherent and mostly benign, but the instruction to prefer third-party rtk wrappers introduces unnecessary trust expansion and possible credential forwarding/command mediation outside official GitHub tooling. Risk is moderate rather than malicious because no clear exfiltration endpoint, hidden behavior, or explicit credential theft is present in the skill text.