html-to-image

SUSPICIOUS. The skill is largely coherent and uses an official npm-distributed CLI, so this is not confirmed malware. However, it inserts Membrane as a third-party intermediary for authentication and API operations instead of using the HTML to Image service directly, which increases trust and data-flow risk; combined with an unpinned global CLI install, this warrants medium security concern.