build

Suspicious rather than malicious: the skill’s purpose matches workflow orchestration, but its footprint is broad because it delegates to many other skills, processes untrusted repository/agent content, and can commit or update PRs. Main risks are autonomy and transitive trust, not credential theft or covert exfiltration.