linkly

SUSPICIOUS: the skill's purpose broadly matches its capabilities, and the CLI comes from an official npm package tied to the publisher, so this is not strongly indicative of malware. However, the integration routes authentication and Linkly operations through Membrane as an intermediary rather than directly to official Linkly APIs, and it relies on mutable `@latest` CLI execution; that makes the trust and data-flow footprint larger than a narrow Linkly-only skill.