stackstate

SUSPICIOUS: the skill is internally coherent for a Membrane-published connector, and its CLI install path looks ordinary, but the actual integration is not a direct StackState integration. Authentication, credentials, and StackState data are routed through Membrane, a third-party intermediary that becomes a central trust point. That makes this higher risk than a direct official API skill, though there is not enough evidence here to call it malicious.