gocanvas

SUSPICIOUS: The skill is internally coherent for a Membrane-based GoCanvas integration, and its CLI install path is official npm rather than a suspicious download-execute chain. However, it routes GoCanvas authentication and API traffic through Membrane as a third-party intermediary, expanding trust and exposing user data/credentials to a non-GoCanvas service; this is disclosed but still a medium-risk data-flow concern rather than confirmed malware.