typeform

SUSPICIOUS. The skill’s capabilities mostly match its Typeform-management purpose, and the CLI comes from the official npm registry, so this is not overt malware. However, all authentication and Typeform operations are funneled through Membrane as a third-party intermediary, dynamic action creation expands behavior beyond fixed documented actions, and the install is unpinned. The main risk is trust and data-flow integrity, not clear malicious intent.