subtoken-imagegen

SUSPICIOUS: internally coherent as a Subtoken-specific image API skill, but the core design routes prompts, images, and API credentials to a third-party intermediary domain rather than an official image API endpoint. Scope is otherwise proportionate and there is no clear evidence of malware or hidden exfiltration beyond the declared service usage.