Geek-skills-seedream-imagegen

SUSPICIOUS. The stated purpose is coherent for an image-generation skill, and no remote installer or obvious exfiltration pattern is shown in the provided text. However, the skill materially blurs the service boundary by claiming ByteDance Seedream while instructing users to obtain and send a Segmind API key, so the actual data flow is to a third-party hosted provider rather than clearly to an official ByteDance endpoint. The main executable logic is an unseen local script, so credential handling and network destinations cannot be fully verified. Risk is medium due to third-party credential routing ambiguity and unverifiable script behavior, not confirmed malware.