altoviz

SUSPICIOUS: The skill’s capabilities generally match its stated purpose, and installation comes from an official npm package rather than a suspicious download chain. However, all Altoviz access is mediated through Membrane’s CLI/service, so credentials and data are routed through a third-party intermediary instead of directly to Altoviz, and the proxy mode plus write actions increase trust and operational risk. This is not clearly malicious, but it is a medium-risk integration pattern due to intermediary data flow and broad remote action capability.