insomnia

SUSPICIOUS. The skill is not overtly malicious and its npm install path appears legitimate, but it is only partially aligned with its stated purpose because it requires routing Insomnia access through Membrane-managed infrastructure and account auth rather than directly to Insomnia. Main risks are third-party data/credential mediation and mutable CLI installation, not confirmed malware.