pdffiller

SUSPICIOUS: The skill’s purpose and capabilities are mostly coherent, and the Membrane CLI install path is vendor-aligned and low supply-chain concern. The main risk is data-flow integrity: PdfFiller access and credential handling are routed through Membrane as an intermediary, so users must trust a third-party proxy with authentication and account data. This is not clearly malicious, but it is a meaningful medium risk for a skill presented as a PdfFiller integration.