ui-design

SUSPICIOUS: the skill’s purpose is coherent, but it routes image generation through ZenMux rather than the official OpenAI API and may read credentials from local files before forwarding them to that third party. The main risk is intermediary data exposure plus limited provenance for the unseen local script, not confirmed malware.