pr-polish

BENIGN with medium operational risk. The skill is internally consistent for PR orchestration and uses official GitHub APIs/CLI with no suspicious installs or exfiltration, but it grants an agent a fairly autonomous loop over untrusted review content that can drive code changes, pushes, and GitHub interactions through child skills.