cicd-intelligent-recovery

SUSPICIOUS. The core CI/CD purpose is plausible, and official GitHub CLI usage is consistent, but the skill’s real footprint is too broad: it repeatedly executes an unpinned third-party alpha CLI, routes codebase data and analysis through that service, performs autonomous repository actions, and chains other skills. This is not confirmed malware, but it is a high-risk skill with disproportionate trust and data-flow exposure for a debugging workflow.