seedance-prompt

SUSPICIOUS: the prompt-authoring behavior is coherent, but the skill also installs and executes an external Dreamina CLI via an unpinned `curl|bash` script. Evidence suggests the domain is likely official to the same service family, so this is not confirmed malicious; however, the install path and opaque CLI/data flow create a disproportionate supply-chain risk for a skill whose main purpose is writing prompts.