sn-image-base

SUSPICIOUS. The skill's core capabilities match its stated purpose, and the publisher/domain ecosystem appears broadly consistent with SenseNova. However, security risk is elevated by user-controlled base URLs that can redirect API keys and content to arbitrary endpoints, plus an explicit TLS-disable flag. This looks like a legitimate infrastructure skill with meaningful configuration-level credential exposure risk, not confirmed malware.