xiaohu-wechat-cover

SUSPICIOUS: the core image-generation purpose is coherent, but the skill’s data flow is not. It requires reading a raw API key from local config and forwarding prompts plus credentials to an arbitrary third-party Gemini-compatible gateway rather than an official Gemini endpoint, and it also auto-edits the article file by default. Main risk is credential/data routing through an intermediary, not confirmed malware.