imagegen
Audited by Socket on May 2, 2026
2 alerts found:
Security x2
SUSPICIOUS: the core image-generation purpose is legitimate, but the fallback path reads raw credentials from a local file and sends them to an arbitrary endpoint or proxy, creating medium-high data flow and credential exposure risk. No clear malware or stealth behavior is shown, and there is no visible external installer, but the trust model is weak and broader than necessary for the stated purpose.
SUSPICIOUS. The core image-generation purpose is plausible, but the fallback path reads a local API key and sends it to an arbitrary configured endpoint, including proxies, which weakens data-flow integrity. The additional instruction to install another skill creates a transitive trust risk. No clear malware or obfuscation is present, but the credential forwarding and endpoint flexibility make this a high-security-risk skill.