github

Warn

Audited by Socket on May 28, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS. Most capabilities match a normal GitHub operations skill and data flows stay within GitHub, but the optional sub-issue feature requires installing a non-official third-party gh extension that executes with the user’s authenticated GitHub CLI context. That supply-chain and credential-adjacent trust expansion is disproportionate enough to raise the skill above benign, even without direct evidence of exfiltration.

Confidence: 90%
Severity: 74%

Audit Metadata
Analyzed At: May 28, 2026, 06:56 AM
Package URL: pkg:socket/skills-sh/i9wa4%2Fdotfiles%2Fgithub%2F@aba6f75d37dc6aedb2bc6c77955b87fbfb755a1a