lovgame

SUSPICIOUS. The skill’s capability matches its stated purpose, but its core design routes prompts and credentials through a sparsely documented third-party gateway under an OpenAI-like interface. With no remote installer and no clear exfiltration beyond the stated API call, this is not confirmed malware, but it carries medium risk due to credential forwarding and limited endpoint verifiability.