ai-dev-loop

SUSPICIOUS: the skill is internally aligned with autonomous development, but its footprint is still high-risk because it authorizes agents to make code changes and commits from task/PRD content with only a later QA gate. No clear credential theft or exfiltration is present, and no direct installer abuse appears in this artifact.