acf

SUSPICIOUS: The skill’s capabilities match its stated Membrane-based ACF purpose, and the CLI install source is legitimate npm. However, all authentication and ACF operations are routed through Membrane rather than official ACF/WordPress APIs, creating a third-party credential/data mediation layer. This is not confirmed malware, but it is a medium-risk trust and data-flow concern, compounded by unpinned CLI installation.