prompt-engineering

The skill's stated purpose is to provide prompt engineering guidance and enable execution via the inference.sh CLI. However, the installation pattern (curl | sh) and reliance on an unverifiable binary from a remote distribution source introduce notable supply-chain and execution risks. The data flow from user prompts to remote model endpoints is expected for a prompt-engineering workflow, but the ingestion and handling of prompts to external services should be restricted to trusted endpoints and clearly documented with provenance, verification, and access controls. Overall, the footprint is suspicious due to the download-execute pattern and unverifiable binary; it should be treated as suspicious until the binary source is verifiable, a verified package registry is used, and the install/upgrade process employs signed artifacts with clear provenance.