qwen-image-pro
Audited by Socket on Mar 4, 2026
1 alert found:
Malware: This skill documentation describes a legitimate-seeming image-generation capability but includes multiple supply-chain risk patterns: a curl|sh installer (download-and-execute), reliance on third-party distribution domains, and suggestions to install transitive skills (npx) that can execute arbitrary code. The primary risks are supply-chain compromise of cli.inference.sh or dist.inference.sh and credential or data forwarding via the infsh login and runtime. There is no clear evidence of embedded malicious code in this README itself, but the documented install/run patterns are high-risk for credential theft or arbitrary code execution if the upstream binaries or transitive packages are compromised. Recommend treating this as suspicious: avoid piping remote scripts to shell, verify checksums out-of-band, inspect binaries/source before running, and limit use of transitive skill installs. Use least-privilege credentials and audit network endpoints the CLI communicates with before providing secrets.