ai-content-pipeline

SUSPICIOUS: the stated purpose matches media-pipeline behavior, and the `infsh` installer appears to be an official same-org dependency, so this is not strong evidence of malware. Risk comes from broad Bash permissions, reliance on an external CLI, instructions to install additional skills, and workflows that may process untrusted content and automate downstream publishing.