investigate-alert

The skill’s purpose is coherent for alert investigation, but its trust model is not. It relies on an unverifiable authenticated CLI (`gcx`) and a transitive prerequisite skill (`setup-gcx`), which materially raises supply-chain and credential-forwarding risk despite otherwise legitimate observability workflows.