prompt-engineering

Fail

Audited by Socket on Mar 4, 2026

1 alert found:

Malware (HIGH)
SKILL.md

This skill is a prompt-engineering guide that references and instructs installing and using the inference.sh CLI. The content itself is not overtly malicious (no hardcoded secrets, no obfuscated payloads, no reverse shells visible). However, it includes high-risk supply-chain patterns: a curl|sh installer (download-and-execute), remote binary downloads, and recommendations to install transitive skills. Those patterns expand trust to remote domains (cli.inference.sh / dist.inference.sh) and to any third-party skills installed later. The primary risks are supply-chain compromise or credential/exfiltration via the installed CLI or transitive skills. Treat this as suspicious: if you must use it, avoid pipe-to-shell installs, verify checksums manually, inspect install scripts and binaries, prefer platform package managers or vetted installers, and audit any transitive skills before installing.

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At: Mar 4, 2026, 12:33 PM
Package URL: pkg:socket/skills-sh/tul-sh%2Fskills%2Fprompt-engineering%2F@294526bd6c7c18de489358ce2ed817c60a2a3fb3