simplecast

SUSPICIOUS. The skill is broadly aligned with its stated Simplecast-integration purpose and uses an official npm-distributed Membrane CLI, so it is not malware-like. However, all authentication and API traffic are routed through Membrane as a third-party intermediary instead of going directly to Simplecast, which creates meaningful data-flow and credential-forwarding risk; combined with an unpinned global CLI install, this makes the skill medium risk rather than benign.