review-fix-claude

SUSPICIOUS: the skill's purpose is coherent, but it combines unpinned remote package execution with autonomous repo-modifying actions driven by external review output. The main concern is operational risk and trust in the external CLI, not confirmed malware.