ship

SUSPICIOUS: the skill’s capabilities mostly match its release-pipeline purpose, but it is high impact because it can mutate git state, create/merge PRs, trigger deploy/rollback flows, and automatically chain into another skill. Install provenance appears same-org and consistent with Nanostack, which lowers supply-chain concern, but the autonomous production-facing actions make the overall security risk high even without clear malicious intent.