hugging-face

Warn

Audited by Socket on Apr 28, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS. The skill’s capabilities broadly match its purpose, and the CLI install path appears to be an official npm-distributed Membrane tool rather than a hidden payload. However, the skill is not a direct Hugging Face integration: it requires a separate Membrane account, stores/refreshes credentials server-side, and routes requests through Membrane’s proxy. That intermediary credential and data flow is clearly disclosed but meaningfully expands trust and creates medium security risk, especially given generic proxy access and destructive account-management actions.

Confidence: 86%
Severity: 58%
Audit Metadata
Analyzed At: Apr 28, 2026, 10:04 AM
Package URL: pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fhugging-face%2F@d7bc9aff50e8d06d0d5baa954b811b9542581c8e