flipando

SUSPICIOUS. The core pattern is coherent as a Membrane-hosted integration, and the CLI comes from an official npm package, so this is not confirmed malware. However, the skill has notable integrity issues: mismatched documentation/purpose text, all API traffic and credential handling routed through Membrane instead of directly to Flipando, and a broad proxy mechanism that can act on external data after login. This is best classified as a medium-risk integration skill with third-party credential/data brokerage concerns rather than benign documentation.