resolve-human-reviews
Warn
Audited by Socket on May 5, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS: the skill's purpose aligns with GitHub PR review resolution, and the referenced CLI appears to be the publisher's own tool, so this is not overtly malicious. However, it combines unpinned runtime package execution with autonomous code modification, pushing, and public GitHub replies based on untrusted reviewer content, making it a high-impact agent skill with meaningful security risk.
Confidence: 87%
Severity: 72%
Audit Metadata