github

SUSPICIOUS. The skill’s capabilities fit its GitHub-management purpose, and core `gh` usage is normal, but it introduces a third-party `pi-github` extension into an authenticated GitHub workflow without clear provenance or install details. Main risk is supply-chain/transitive trust plus agentic high-impact actions, not confirmed malware or obvious credential exfiltration.