docusign

SUSPICIOUS: The skill's functionality matches its DocuSign automation purpose, and the installer is from an official registry, so this is not strongly indicative of malware. The main risk is data-flow integrity: all DocuSign access and auth are mediated by Membrane, a third-party intermediary, and the skill also enables consequential actions like sending or voiding envelopes. Overall this is a coherent integration skill with moderate security risk due to proxying and credential/data routing through a non-DocuSign service.