pr-guardian
Warn
Audited by Socket on Apr 20, 2026
1 alert found:
Security
MEDIUM
SKILL.md
SUSPICIOUS: the skill’s purpose matches PR monitoring/repair, and its external tooling trust chain is mostly coherent (`gh` is official). The main risk is not malware or credential theft but autonomous, repeated code modification/push behavior driven by external CI/review signals, including CodeRabbit comments. This makes it a high-impact orchestration skill that is broader and riskier than a passive monitor.
Confidence: 89%
Severity: 72%