resolve-todo-parallel

SUSPICIOUS: the skill is broadly coherent for repo todo maintenance, and there is no clear credential harvesting or malicious exfiltration path. Risk comes from autonomous parallel subagents, transitive skill use, and automatic commit/push/delete actions based on untrusted todo content.