launchdarkly

SUSPICIOUS: The skill's purpose and capabilities are broadly aligned, and the CLI install path is a normal npm-based distribution rather than a raw download-execute lure. However, all LaunchDarkly access is funneled through Membrane as a third-party intermediary instead of the official LaunchDarkly API, so users must trust Membrane with authentication handling and service data. This is not clearly malicious, but the intermediary data flow and mutable global CLI install make it higher-risk than a direct official integration.