flowiseai

SUSPICIOUS: the skill is mostly coherent as a Membrane-based FlowiseAI connector, and the install path is standard npm rather than an unverifiable binary. The main concern is data-flow integrity: FlowiseAI requests and auth are routed through Membrane’s proxy and connection system instead of directly to FlowiseAI, which expands trust and exposes user data to an intermediary service. Risk is medium rather than high because the intermediary is disclosed, the package source is public npm, and permissions appear proportionate to the stated integration purpose.