customer-persona

Fail

Audited by Socket on Mar 4, 2026

1 alert found:

Malware (HIGH)
SKILL.md

This skill is not obviously malicious: it is a marketing/persona authoring guide that leverages the inference.sh CLI and various third-party apps for research and avatar generation. However, it demonstrates several supply-chain and data-flow risks: use of a curl|sh installer (download-and-execute), transitive installation of third-party skills via npx/infsh, and routing of user input and queries to multiple external services. These behaviors are consistent with the skill's purpose (remote research and image generation), but they substantially expand the trust boundary and expose users to supply-chain compromise and data leakage if upstream services or installed skills are malicious or compromised. Recommendations: treat installs as high-risk, verify checksums out-of-band, minimize sensitive data sent to remote endpoints, and audit any transitive skills before installation.

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At: Mar 4, 2026, 12:32 PM
Package URL: pkg:socket/skills-sh/tul-sh%2Fskills%2Fcustomer-persona%2F@2885cab45a30287815690287a31f711d44f9973f