gh-issue-autodev

SUSPICIOUS: the skill is mostly aligned with its stated GitHub issue automation purpose and uses normal official tooling, but it grants meaningful autonomous action (commit/push), reads local test credentials for UI login, and chains into other skills. No clear malware or hostile exfiltration path is present, yet the scope is broader and riskier than a simple issue triage helper.