og-image-design

SUSPICIOUS: the core purpose is plausible, but the skill is over-broad for a design guide, depends on transitive skill installation, and sends user content to remote services through an external CLI with limited provenance shown in the skill itself. Main risk is supply-chain and scope creep rather than confirmed malware.