fix-pr

SUSPICIOUS. The skill is broadly coherent for PR maintenance and uses official GitHub tooling, so it does not look malicious. However, it grants an agent autonomous code-editing and GitHub write capabilities based on untrusted CI logs and review text, plus transitive execution of other skills, making it medium risk.