expertai

SUSPICIOUS: The skill is internally coherent for a Membrane-hosted connector, and its npm install path appears legitimate. However, all Expert.ai access and authentication are mediated by Membrane rather than going directly to Expert.ai, creating a meaningful third-party trust and data-flow risk; the unpinned `npx ...@latest` example adds minor supply-chain risk.