google-dialogflow

SUSPICIOUS: the skill’s behavior is coherent with a Membrane-managed Dialogflow workflow, and its install source is a normal npm package, not a hidden payload. However, it materially changes the trust boundary by routing Google Dialogflow access, authentication handling, and action execution through Membrane’s intermediary service instead of official Google APIs, while also using mutable `@latest` installs. This is better classified as a medium-risk third-party gateway pattern than malware.