google-veo

SUSPICIOUS. The skill’s functional purpose is coherent, but its actual footprint depends on a third-party CLI installed via pipe-to-shell, authenticates through that CLI, and routes Google Veo usage through inference.sh rather than direct official Google endpoints. Same-org hosting and checksum verification reduce concern somewhat, but the combination of remote binary install, credential forwarding, intermediary data flow, and transitive skill installs makes the risk high for an AI agent skill.