workflow-clean-code-angular

SUSPICIOUS: the skill’s main purpose is plausible, but its footprint is broader than a pure Angular audit. The biggest risk is not malware or credential theft; it is an agentic review skill that can ingest untrusted repo content, spawn many subagents, edit code, run shell commands, and potentially commit changes, with optional auto mode and external MCP access.