When to Use

The skill instructs the agent to load external Markdown files (e.g., `web.md`, `social.md`) for specialized context. This introduces a supply chain risk, as malicious content in these external files could poison the agent's RAG context or influence its reasoning.

If the task is destination-specific, load the matching file before deciding: / `web.md` for responsive delivery...

The skill suggests installing related skills using `clawhub install <slug>`, which, despite requiring user confirmation, represents a supply chain risk. A malicious skill installed via this mechanism could extend an attacker's control over the agent.

Install with `clawhub install <slug>` if user confirms:

The stated purpose implies the skill will 'create, inspect, process, and optimize' image files. However, the skill's content is purely instructional and advisory, providing guidance on *how* to perform these actions rather than executing them directly.

The skill content consists entirely of text-based advice, workflows, and references to external tools/files (e.g., 'commands.md' for 'concrete ImageMagick or Pillow examples'). There are no executable commands or API calls within the skill to perform image manipulation.

The instruction to install related skills explicitly requires user confirmation. While a security measure, frequent prompts for installation or other actions could lead to human approval fatigue, potentially allowing a malicious skill to be installed without proper scrutiny.

Install with `clawhub install <slug>` if user confirms: