agent-tools

The skill aligns with its purpose of orchestrating many AI apps via a cloud CLI, but it relies on a dangerous download-execute pattern (curl ... | sh) to install a third-party CLI from an external URL, and it implies handling credentials for various integrations without explicit secure handling guidance. Data flows to external APIs (image/video generation, web search, Twitter) are plausible but underspecified. Overall, the skill is suspicious due to supply-chain risk and unclear credential/data-flow safeguards; treat as requiring strict sandboxing, verifiable sources, and explicit credential management before use in production.