exercise-pack

SUSPICIOUS: the skill’s core behavior fits its stated purpose, and data flows go to expected GitHub services, but it enables autonomous public publishing and release creation without explicit approval at execution time. Main risk is real-world action/autonomy plus moderate supply-chain exposure from a third-party mutable GitHub Action, not credential theft or hidden exfiltration.