development-lifecycle

Suspicious rather than malicious. The skill's purpose matches developer workflow automation, but it normalizes silent execution, chained skill delegation, and autonomous git/PR actions beyond a simple guidance skill. Main risk is operational autonomy and transitive trust, not credential theft or exfiltration.