free-kameo

The skill is classified as suspicious due to its handling of multiple sensitive API keys and user credentials within shell scripts. Specifically, `scripts/register.sh` is designed to handle user email and password for authentication with a Supabase backend (though currently using placeholder URLs), and `scripts/enhance_prompt.sh` requires a `GOOGLE_API_KEY` from environment variables. While the intent appears to be legitimate for the skill's stated purpose, these capabilities represent a heightened risk for credential exposure or misuse if the skill were to be modified or if users were to carelessly configure the placeholder URLs in `scripts/register.sh`.