landing-ai

SUSPICIOUS: the skill’s purpose broadly matches its functionality, and the CLI install source is reasonably legitimate, but the core design routes authentication and API traffic through Membrane instead of Landing AI directly. That third-party credential and data mediation is a meaningful integrity risk even without clear evidence of malware.