persona

SUSPICIOUS: the core persona/social-intelligence workflow is internally coherent and mostly uses proportional credentials, so it is not overtly malicious. However, it aggregates multiple sensitive data sources for external LLM calls and includes a transitive plugin-install step for preview/image features, which meaningfully increases trust and credential-exposure risk beyond a simple writing-style skill.