auto-review-loop
Warn
Audited by Socket on May 17, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS: the skill’s core purpose matches iterative review, but its actual footprint is much broader than a normal review assistant. Full Bash access, autonomous code/experiment changes, direct external reviewer access to repo contents, optional notifications, and undocumented auxiliary skill/script execution create a high-risk automation and data-leak surface, though there is not enough evidence to call it confirmed malware.
Confidence: 88%
Severity: 78%
Audit Metadata