dify-workflow

SUSPICIOUS: the skill’s functionality is coherent for Dify workflow editing, but the install trust is weak because the real dependency chain relies on direct GitHub installs, including a personal upstream repo and unpinned mutable refs. No clear credential harvesting or malicious data flow is evident, so this is better classified as supply-chain risk than malware.