linkedin-content

The skill purpose (LinkedIn content creation using a CLI) is coherent with its described capabilities. However, the footprint includes a high-risk download-execute pattern (curl | sh) to fetch a remote binary, reliance on external install scripts and non-pinned binaries, and potential credential/token handling via an external CLI. This combination creates notable supply-chain and data-flow risks that are not fully mitigated by the provided checksums or documentation. Overall, the skill is best classified as SUSPICIOUS due to the download-execute pattern and opaque credential handling, with potential for higher risk if credentials are indeed stored or transmitted by the infsh CLI in use.