imagga

SUSPICIOUS: the skill is internally coherent as a Membrane-hosted Imagga integration, and the CLI install source appears official. The main concern is data-flow integrity and credential forwarding: the skill routes authentication and API activity through Membrane rather than directly to Imagga, increasing the trust boundary and exposure surface. This is not strong evidence of malware, but it is a meaningful medium-risk intermediary-platform pattern.