brand-intel-branddev

SUSPICIOUS: the skill’s purpose is coherent, but its data flow is weaker than expected because Brand.dev requests and bearer credentials are routed through a Gooseworks/Orthogonal proxy instead of the official Brand.dev API. This looks more like a managed gateway than overt malware, but the proxying and raw credential-file handling create meaningful trust and exposure risk.