filebase

SUSPICIOUS. The skill’s capabilities mostly match its stated purpose, and the CLI is installed from the official npm registry rather than an arbitrary download. However, the data flow is not direct to Filebase: authentication and API access are routed through Membrane’s CLI/service, which means credentials and requests are mediated by a third party. That can be legitimate for an integration platform, but it is broader than a simple Filebase skill and increases trust requirements. Risk is medium due to third-party credential mediation and unpinned CLI installation, not confirmed malware.