tuzi-image-gen

SUSPICIOUS. The skill’s functionality aligns with image generation, but its default use of Tuzi as a third-party relay and its arbitrary base URL overrides create meaningful data-flow and credential-routing risk. The Bun execution path is official and not an unverifiable binary, so this is not malware, but it is a medium-risk skill due to proxy trust and endpoint override exposure.