google-veo

SUSPICIOUS: the core function is coherent, but the skill depends on a same-org remote-installed CLI, sends Veo requests through inference.sh instead of direct Google APIs, uses relatively broad `belt *` permissions, and encourages transitive skill installation. This looks more like a hosted platform wrapper than a direct Google Veo integration; risky but not confirmed malicious.