qwen-image-2-pro

SUSPICIOUS: The core capability matches the stated purpose, but the skill relies on a third-party gateway CLI with login, broad `belt *` execution, a pipe-to-shell installer, and extra transitive skill-install instructions. These are disclosed rather than hidden, so this is not confirmed malware, but it carries meaningful supply-chain and credential-forwarding risk.