hashnode

SUSPICIOUS. The skill is largely coherent with its stated Hashnode integration purpose and uses an official npm-distributed CLI from the same publisher, so it does not look malicious. However, it routes authentication and all API activity through Membrane as a third-party intermediary instead of directly to Hashnode, creating medium trust and data-flow risk that is disproportionate compared with a direct API integration.