prompt-history

SUSPICIOUS. The overall workflow matches the stated purpose, and the skill includes strong guardrails against prompt injection and autonomous posting. The main concern is install/execution trust: it relies on a third-party personal GitHub CLI outside an official registry, so users must trust that binary/source and its dependency chain to process sensitive prompt history. No clear malicious or exfiltration behavior is described, but the external CLI dependency makes the skill medium-high risk.