bluebeam

The skill is functional and mostly coherent, and its install path is low-risk. The main concern is data-flow integrity: Bluebeam authentication and API traffic are routed through Membrane, a third-party intermediary, instead of directly to Bluebeam. That makes this better classified as suspicious-to-medium risk rather than benign, due to credential forwarding and proxying, not confirmed malware.