evolink-video

SUSPICIOUS: the skill's purpose and capabilities mostly align, and network flows go to documented Evolink domains, but it asks the agent to run an unpinned npm-delivered MCP server and forward the API key into it. This is a moderate supply-chain and credential-forwarding risk, not clear malware.