github-cleanup

SUSPICIOUS: mostly coherent GitHub-maintenance functionality using official GitHub tooling and APIs, but it has high-impact capabilities, broad local repo access, and a notable scope mismatch because it can modify and push repository contents. The third-party raw GitHub dependency for action-version guidance adds medium supply-chain risk, but there is no strong evidence of credential theft or malicious exfiltration.