cmd-fix-pr-chechers

SUSPICIOUS: the skill's core capability fits its purpose and uses official GitHub tooling, but it grants an agent autonomous authority to change code, commit, and push repeatedly based on untrusted CI log content. The main risk is unintended or manipulated repository changes rather than malware or credential harvesting.