ship

SUSPICIOUS. The core git and GitHub capabilities fit a ship workflow, and there is no clear malware or third-party credential harvesting path. However, the skill is high-risk because it is explicitly fully automated, performs external actions (push/PR) without confirmation, and reads local plan files outside the repo that may be surfaced in PR content.