rainforest-qa

The skill is not overt malware, but it is security-relevant because it inserts Membrane as a third-party intermediary for Rainforest QA authentication and actions. The install path is relatively normal, yet the core data flow does not go directly to Rainforest QA, so this is best classified as suspicious/medium risk rather than benign.