ideogram-core-workflow-b

SUSPICIOUS: the stated purpose is a benign Ideogram workflow, and the only referenced network target is the official Ideogram service, but the skill is too incomplete to verify behavior and grants broad npm execution not justified by the visible instructions. No clear exfiltration or malicious routing is present, yet the mismatch between sparse content and broad execution scope creates medium security risk.