product-changelog
Audited by Socket on Feb 25, 2026
1 alert found:
Malware

The product-changelog skill is primarily benign in intent: it provides templates and CLI examples for producing changelogs and visuals. However, the README encourages a curl | sh install flow and depends on a third-party CLI (infsh) and hosted app backends (inference.sh and dist.inference.sh). Those patterns carry meaningful supply-chain and data-exfiltration risk: executing a remote installer without reading it, relying on remotely hosted binaries, and routing user content (screenshots, URLs, prompts) to external services. No explicit credential harvesting is shown, but a download-and-execute pattern combined with third-party routing is high-risk for a skill whose stated purpose is writing changelogs. Recommendations: avoid the one-liner install; download the installer to a file and verify it against a pinned checksum before running it; provide explicit offline/local alternatives or a clear warning about what user data is sent to external services; and narrow allowed-tools so a wildcard entry cannot escalate into broader command execution.
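The pinned-checksum alternative recommended above, as an added POSIX shell example that is not part of the Socket audit or the skill's README. The installer URL and the pinned hash are placeholders (assumptions, not values published by the project); in practice the hash is obtained out of band, for example from a signed release note, and committed alongside the script. Nothing is executed until the downloaded file's SHA-256 matches the pinned value.

```shell
#!/bin/sh
# Safer replacement for `curl https://... | sh`: fetch the installer to a file,
# compare its SHA-256 against a hash pinned in this script, then run it only
# if the hash matches. A tampered or silently updated installer never runs.

# Assumptions: neither the URL nor the hash below is real; replace both with
# the values you verified out of band for the tool you actually install.
INSTALLER_URL="https://example.invalid/install.sh"
PINNED_SHA256="0000000000000000000000000000000000000000000000000000000000000000"

# sha256_of FILE -> prints the hex digest, using sha256sum or shasum
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_checksum FILE EXPECTED -> 0 on match, 1 on mismatch (reason on stderr)
verify_checksum() {
    actual=$(sha256_of "$1")
    if [ "$actual" = "$2" ]; then
        return 0
    fi
    echo "checksum mismatch for $1: expected $2, got $actual" >&2
    return 1
}

# verify_then_run FILE EXPECTED -> execute FILE with sh only if its hash matches
verify_then_run() {
    if verify_checksum "$1" "$2"; then
        sh "$1"
    else
        return 1
    fi
}

# fetch_verify_run URL EXPECTED -> download to a temp file, verify, run, clean up.
# --proto '=https' and --tlsv1.2 refuse downgrades; -f fails on HTTP errors
# instead of saving an error page that would then be executed.
fetch_verify_run() {
    tmp=$(mktemp) || return 1
    if ! curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$1"; then
        rm -f "$tmp"
        return 1
    fi
    verify_then_run "$tmp" "$2"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Usage (network access required; the placeholders above will not verify):
#   fetch_verify_run "$INSTALLER_URL" "$PINNED_SHA256"
```

The split between verify_checksum and verify_then_run is deliberate: the hash check can be exercised on a local file without any network access, and the execute step cannot be reached on a mismatch. Pinning the hash in the script (rather than downloading a .sha256 file from the same server) matters because a compromised host can serve a matching hash for a malicious installer.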