content-repurposing

Fail

Audited by Socket on Mar 4, 2026

1 alert found:

Malware (HIGH)
SKILL.md

The skill intends to orchestrate multi-format content repurposing via a remote CLI and post results to social platforms. However, it relies on downloading and executing code from an external URL (curl | sh), which is a high-risk supply-chain/download-execute pattern. Data flows involve sending content/assets to external processing services and social endpoints, raising data-flow and credential-exposure concerns. While the described functionality could be legitimate, the footprint (remote installer, automated post actions, credential handling) is incongruent with secure-by-default practices. Treat as SUSPICIOUS with a security risk leaning high until a more secure, pinned, and auditable distribution mechanism is provided (e.g., official registry packages, pinned hashes, in-repo CLI, explicit credential scopes).

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Mar 4, 2026, 12:31 PM
Package URL: pkg:socket/skills-sh/tul-sh%2Fskills%2Fcontent-repurposing%2F@d8f5c960ecac8cd46b4be1e34029b9f0e542ea81