custom-codereview-guide

Warn

Audited by Socket on Jun 20, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS: The skill is purpose-aligned and uses official GitHub tooling, with no obvious credential theft or third-party routing. The main risk is autonomous approval of PRs via the GitHub API based on simplified matching logic, which can cause unintended repository actions if misapplied.

Confidence: 88%
Severity: 68%
Audit Metadata

Analyzed At: Jun 20, 2026, 02:39 AM
Package URL: pkg:socket/skills-sh/OpenHands%2FOpenHands-CLI%2Fcustom-codereview-guide%2F@e92878bbf6338113bf595ca8dc0ab68dd968d080deaa1e3316d3c1eb1170f8e9