pr-babysitter
Warn
Audited by Socket on May 17, 2026
1 alert found:
Security (MEDIUM): SKILL.md
The skill is coherent with its stated PR-monitoring purpose and uses official service tooling, so it is not malware. However, it is high-impact: it runs autonomously on a schedule, consumes untrusted comments/logs, edits code, pushes commits, and replies/resolves review threads across multiple platforms. Overall this is best classified as SUSPICIOUS due to autonomy and prompt-injection exposure, not deceptive data exfiltration.
Confidence: 90%
Severity: 74%
Audit Metadata