work-issues

BENIGN in purpose alignment and data routing, but HIGH RISK operationally: the skill gives an AI agent autonomous repo write/comment/push capabilities and processes untrusted GitHub content while executing commands. Main concerns are autonomy abuse and indirect prompt injection, not malware or credential theft.