publisherkit

SUSPICIOUS: the skill's purpose is coherent and the CLI install source appears legitimate, but the actual data path routes PublisherKit authentication and API traffic through Membrane as an intermediary rather than directly to PublisherKit. That third-party credential and request mediation is a meaningful trust expansion, though not strong evidence of malware.