hume

SUSPICIOUS: The skill’s purpose broadly matches Hume workflow automation, and the CLI install source is official npm, but the actual integration is mediated by Membrane for auth and API proxying rather than direct Hume API use. That intermediary data flow is a real trust and privacy concern, though not enough to call the skill malicious.