custom-codereview-guide

Fail

Audited by Snyk on Jun 20, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). This guideline creates an intentional approval bypass for dependency version-bump PRs: it skips full review, forbids evidence, and requires programmatic GitHub API APPROVE calls. This materially enables supply-chain abuse (malicious dependency versions merged without review) and thus poses high risk.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Jun 20, 2026, 02:38 AM
Issues: 1