harmonic

SUSPICIOUS. The skill is mostly coherent and uses an official npm-distributed Membrane CLI, but it is not a direct Harmonic integration: it routes authentication and all Harmonic actions through Membrane as an intermediary. That third-party credential and data mediation is broader than a normal single-service skill and raises moderate security risk, though there is not enough evidence of malware or overt credential theft.