typefully

SUSPICIOUS. The skill’s capabilities fit Typefully management, but its trust chain is weak: it installs Bun via official pipe-to-shell and then relies on a non-Typefully third-party `api2cli` tool to generate/link the CLI that receives the user’s Typefully token. That makes the skill proportionally risky even without confirmed malicious behavior.