qwen-image-2-pro

SUSPICIOUS. The skill’s stated purpose is coherent, and its data flows mostly match remote image generation, but it introduces a transitive skill installation step and routes authentication and execution through an external CLI. The vendor relationship looks plausible and same-org enough to avoid a malicious verdict, yet the extra install and credential-forwarding surface make it higher risk than a simple direct API skill.