shotstack

SUSPICIOUS: the skill is not overtly malicious and uses an official npm-distributed CLI, but it is internally inconsistent and expands trust by routing Shotstack access through Membrane as an intermediary. Overall risk is medium due to third-party proxying, mutable installs, and mismatched purpose text rather than confirmed malware.