video-i2i

SUSPICIOUS: the skill’s visible behavior mostly matches its stated image-to-image purpose, but it depends on an externally fetched PyPI CLI with weak publisher verification and opaque backend/data-flow details. This is not confirmed malicious, though install trust and endpoint transparency are insufficient for a benign classification.