density

SUSPICIOUS. The skill’s functionality matches its stated purpose, and the CLI comes from an official-looking same-brand npm package, so this is not overtly malicious. However, it shifts all Density authentication and API traffic through Membrane as an intermediary, and installs an unpinned external CLI that will handle connection setup, credentials, and proxied requests. That makes the data flow and trust model broader than a direct Density integration, creating medium security risk without clear evidence of malware.