flippingbook

SUSPICIOUS: the skill’s overall purpose is coherent, and the CLI install path is from an official registry with same-brand documentation, so this is not malware-like. However, the integration is brokered through Membrane rather than direct FlippingBook APIs, meaning credentials and operational data are entrusted to a third-party platform, and the skill can create and execute account-mutating actions. That makes it a moderate-risk integration skill rather than a benign low-risk docs/helper skill.