autonomous-orchestrator

SUSPICIOUS: the skill's autonomous orchestration purpose matches its capabilities, but its footprint is unusually broad and high-impact. Continuous hands-off operation, blanket approval for user-owned repos, and processing of untrusted GitHub content while spawning action-taking agents create substantial autonomy and prompt-injection risk; the runtime `npx` dependency adds supply-chain risk.