ai-content-pipeline
Audited by Socket on Feb 25, 2026
1 alert found:
Malware
This skill is a documentation/manifest for a multi-step AI content pipeline that relies heavily on the inference.sh CLI and many hosted model/app backends. The primary security concerns are supply-chain and data-exposure risks: the Quick Start recommends a curl|sh install (download-and-execute), and the workflow routes user prompts and media to multiple third-party endpoints. Those patterns are common for hosted ML platforms but carry more risk than purely local tooling. There is no evidence of hidden obfuscation or explicitly malicious code in this text, and the capabilities described align with the stated purpose. Operators should nevertheless treat the installer and every remote endpoint as sensitive: download the installer to a file and verify its checksum, read the script before executing it, keep sensitive data out of prompts, and grant only the permissions the pipeline needs. Overall, this is not clearly malicious, but it presents moderate supply-chain and data-exfiltration risk because of the download-and-execute instructions and the extensive third-party data flows.
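The audit recommends verifying the installer's checksum and reading the script before running it instead of piping curl straight into sh. The shell below is an added example of what that looks like in practice; it is not code from Socket, from this skill, or from the inference.sh project. INSTALLER_URL, INSTALLER_SHA256 and the two sample scripts are constructed placeholders, and the grep in has_download_exec is a heuristic for plain-text curl|sh chains, not a substitute for reading the script.

```sh
#!/bin/sh
# Added example for this audit page; not code from Socket or from the
# inference.sh project. Replaces "curl ... | sh" with: download to a file,
# verify a published SHA-256, scan the script for nested download-and-execute
# chains, then review it by hand before it ever runs.
# Assumptions (placeholders, not real values): INSTALLER_URL and INSTALLER_SHA256
# must be replaced with the vendor's published installer URL and digest.
set -u

INSTALLER_URL="https://example.invalid/install.sh"                                  # placeholder
INSTALLER_SHA256="0000000000000000000000000000000000000000000000000000000000000000"  # placeholder

sha256_of() {
  # Print the hex SHA-256 of file $1; works with GNU coreutils or macOS/BSD shasum.
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

verify_installer() {
  # verify_installer <file> <expected-sha256>: succeed only on an exact digest match.
  [ "$(sha256_of "$1")" = "$2" ]
}

has_download_exec() {
  # has_download_exec <file>: succeed if the script itself pipes curl/wget output
  # into a shell or evals fetched content, i.e. it repeats the pattern we are
  # trying to avoid one level down. Heuristic: plain-text chains only.
  grep -Eq '(curl|wget)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(ba|z)?sh([[:space:]]|$)|eval[[:space:]]+"?\$\((curl|wget)' "$1"
}

install_checked() {
  # install_checked <url> <expected-sha256>: the full replacement for curl|sh.
  tmp=$(mktemp) || return 1
  if ! curl -fsSL "$1" -o "$tmp"; then
    echo "download failed: $1" >&2; rm -f "$tmp"; return 1
  fi
  if ! verify_installer "$tmp" "$2"; then
    echo "checksum mismatch for $1; refusing to run it" >&2; rm -f "$tmp"; return 1
  fi
  if has_download_exec "$tmp"; then
    # Keep the file so the operator can inspect what it tried to fetch.
    echo "installer chains its own download-and-execute; review $tmp before running" >&2; return 1
  fi
  ${PAGER:-less} "$tmp"      # manual review: the operator reads the script here
  sh "$tmp"; rc=$?
  rm -f "$tmp"
  return $rc
}

# Constructed sample scripts (not the real inference.sh installer) so the checks
# can be exercised offline: one that nests a curl|sh chain, one that does not.
NESTED_SAMPLE=$(mktemp)
cat > "$NESTED_SAMPLE" <<'EOF'
#!/bin/sh
set -e
curl -fsSL https://example.invalid/nested-install.sh | sh
EOF
CLEAN_SAMPLE=$(mktemp)
cat > "$CLEAN_SAMPLE" <<'EOF'
#!/bin/sh
set -e
install -m 0755 inference /usr/local/bin/inference
EOF
NESTED_SAMPLE_SHA256=$(sha256_of "$NESTED_SAMPLE")

# Real use, once the placeholders hold the vendor's published values:
# install_checked "$INSTALLER_URL" "$INSTALLER_SHA256"
```

The digest check only helps if the expected value comes from somewhere other than the same server that serves the installer (release notes, a signed tag, a second channel); otherwise an attacker who controls the download also controls the checksum. The pager step is the part that cannot be automated away: it is where the operator sees what the script writes, which PATH entries it touches, and which further endpoints it contacts.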