prd
Warn
Audited by Socket on May 16, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS: the core behavior matches the stated PRD-and-issue-planning purpose, and GitHub/local modes are broadly proportionate. The main concern is the optional Baidu iCafe mode, which requires an externally authenticated CLI with no clearly verifiable public provenance, creating a credential-forwarding and supply-chain risk disproportionate to an otherwise documentation-oriented skill.
Confidence: 89%
Severity: 82%