security-review

SUSPICIOUS/HIGH-RISK skill, not because its purpose is incoherent, but because it gives an AI agent offensive security review capabilities over untrusted code and PR content while also allowing command execution, file writes, and autonomous repository actions. Tooling and data flows are mostly legitimate and proportionate for security review, so this is not confirmed malware; the main concern is high operational risk from agentic security scanning plus action-taking.