plasmic

SUSPICIOUS. The skill is broadly consistent with its stated Plasmic-integration purpose, and the install path uses an official npm package rather than an opaque binary. However, credentials and API traffic are intentionally routed through Membrane as an intermediary, not directly to Plasmic, which creates a meaningful third-party trust and data-flow risk. This looks like a legitimate integration pattern with medium security risk, not confirmed malware.