og-image-design

Fail

Audited by Socket on Mar 8, 2026

1 alert found:

Malware (HIGH)
SKILL.md

The skill aims to provide OG image design via a remote CLI, which relies on downloading and executing an unverifiable binary from an external source. This introduces legitimate supply-chain risk and potential remote code execution risk, despite checksum verification being mentioned. The data flow involves user-provided content being processed by an external binary, which is a plausible risk area if the binary is compromised or if the agent automates execution without explicit user consent for each run. Overall, the footprint is coherent with its stated purpose but presents notable security concerns around binary provenance and execution autonomy.

Confidence: 65%
Severity: 75%
Audit Metadata

Analyzed At: Mar 8, 2026, 02:51 AM
Package URL: pkg:socket/skills-sh/1nfsh-s3%2Fskills%2Fog-image-design%2F@5e5dc7fcf5243e37f5ed7226ca1a7448da0c8a94