logit-io

SUSPICIOUS. The skill is not overt malware and uses an official npm-distributed CLI from the same vendor ecosystem, but its real integration point is Membrane, not Logit.io. That third-party mediation of authentication and data is disclosed yet materially changes the trust boundary, and the mutable @latest CLI execution adds moderate supply-chain risk.