user-story-reviewer

SUSPICIOUS: the skill's GitHub-focused capabilities mostly match its stated review purpose, and its main external dependency (`gh`) is official. However, it is high-risk because it processes untrusted PR/issue content, checks out and may execute PR code locally, and can autonomously push, approve, or merge on the user's behalf via an unseen script.