review-work
Warn
Audited by Socket on Jun 23, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS. The skill’s broad review purpose mostly matches its repo/QA capabilities, but the Context Miner materially expands scope into Slack/Notion/GitHub discussions and creates an indirect prompt-injection risk by mixing untrusted external content with agents that can execute commands and inspect local state. Not malware, but it is a medium-risk skill that should be used only with tightly scoped permissions and careful isolation of external-content-processing lanes.
Confidence: 84%
Severity: 67%
Audit Metadata