vision6

SUSPICIOUS: The skill’s stated purpose matches its Vision6 automation capabilities, and installation via npm is more trustworthy than raw download-execute patterns. However, the core integration is mediated through Membrane rather than directly against official Vision6 APIs, and the skill requires trusting an unpinned external CLI plus a third-party service to handle auth and data flows. This is not clearly malicious, but it is a medium-risk delegated-integration pattern rather than a minimal direct Vision6 skill.