qwen-image-2-pro

SUSPICIOUS: the skill’s core purpose is coherent, but it relies on transitive skill installation, broad `infsh` CLI permissions, and credential/data routing through inference.sh rather than a direct official Alibaba integration. This looks more like a platform wrapper than a narrowly scoped model skill; concerning from a trust/scope standpoint, but not clearly malicious.