specific

SUSPICIOUS. The install path is same-vendor and not inherently malicious, but the skill is internally inconsistent: it cannot describe the target app, links unrelated `eval` docs, and routes all credentials and data operations through Membrane rather than clearly documented official app endpoints. The capability set is broader than the stated purpose and the data flow relies on a third-party intermediary.