plain

SUSPICIOUS. The install path is mostly legitimate and same-brand via npm, so this is not strong evidence of malware. However, the skill’s stated purpose is inconsistent with its described capabilities, and it routes all Plain interactions through Membrane’s intermediary CLI/proxy rather than directly to official Plain APIs, which increases trust and data-flow risk beyond what the skill title suggests.