plaid

SUSPICIOUS. The skill's purpose and capabilities are mostly coherent, and the CLI comes from a standard registry under branding consistent with the publisher. However, the skill is presented as a Plaid integration while all sensitive authentication and data access are mediated by third-party Membrane infrastructure, not Plaid's official tooling, and it uses mutable latest-tag installs. This is not confirmed malware, but it expands trust and data flow beyond what a direct Plaid integration would normally require.