appsmith

SUSPICIOUS. The skill is mostly coherent with its stated Appsmith integration purpose and uses a same-brand npm CLI, but it routes all access through Membrane as an intermediary rather than directly to Appsmith. That disclosed third-party control plane and mutable @latest global install create medium security risk, though there is not enough evidence of malicious intent.