elmo
Warn
Audited by Socket on Apr 21, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS. The skill's high-level purpose is coherent, and its install source is an official npm package rather than a raw payload, so this is not confirmed malware. However, it is not a direct ELMO integration: it requires installing and trusting Membrane software, authenticating through Membrane, and routing ELMO access through Membrane-managed endpoints instead of official ELMO APIs. That intermediary credential/data path and mutable CLI install materially increase risk.
Confidence: 89%
Severity: 62%
Audit Metadata