gimp

SUSPICIOUS/medium-risk rather than malicious: the skill's overall behavior fits local image editing, but its install/execution trust is weakened by reliance on a niche third-party CLI with unverified PyPI metadata, an author-specific Anaconda path, and a mismatch between the skill's claimed GIMP backend and the package's public description. No credential harvesting or exfiltration is evident.