customer-persona

SUSPICIOUS: The skill's core behavior is mostly aligned with persona research and avatar generation, and the `belt` installer appears to be an official same-org distribution path. Risk comes from relying on a third-party orchestration CLI for all network/data flows, broad belt-enabled Bash scope, and explicit transitive installation of additional skills. No strong evidence of credential theft or malicious exfiltration, but the trust and scope footprint is broader than a narrowly scoped persona template skill.