signaturit

SUSPICIOUS. The skill’s purpose is plausible, and the CLI install path is official, but the integration is not a direct Signaturit client: it routes authentication, queries, and data through Membrane as a third-party intermediary. That makes the data flow broader than the stated app-specific purpose and introduces moderate risk from credential forwarding and remote action generation.