auto-push

SUSPICIOUS: The skill is coherent with its stated Git automation purpose and has low supply-chain risk, but it enables autonomous outbound `git push` actions without per-push confirmation and stages all changes by default. Its main risk is accidental data disclosure or unintended publication to the configured remote, not credential theft or malware-like behavior.