riff

Fail

Audited by Socket on Mar 10, 2026

1 alert found:

Obfuscated File: HIGH
SKILL.md

The skill's footprint is largely consistent with its stated purpose: it orchestrates parallel riff generation, writes outputs to disk, and assembles a gallery and rankings locally. There are no explicit exfiltration routes or credential harvesting beyond standard CLI token usage, which is expected for invoking an external service. The main concerns are around autonomous multi-process execution and handling of external CLI tokens within an agent context; these are not inherently malicious but warrant caution and explicit user approval in some deployment models. Overall, the skill is BENIGN with MEDIUM caution; it should be treated as suspicious only if extended with unmanaged auto-execution or if tokens and outputs are not properly isolated or user-approved.

Confidence: 98%
Audit Metadata

Analyzed At: Mar 10, 2026, 10:09 AM
Package URL: pkg:socket/skills-sh/popmechanic%2Fvibes-cli%2Friff%2F@7315401ed6cdd9601dc2e3016205ce4e5fa62522