pliance

SUSPICIOUS: the skill's stated purpose is coherent, and the CLI comes from an official npm package, but the integration routes authentication and Pliance data through Membrane rather than directly to Pliance. This is a proportional integration pattern, yet it meaningfully expands trust and data exposure to a third-party platform, so risk is medium rather than benign.