superdocu

The skill is mostly coherent in purpose and uses an official Membrane CLI install path, so it does not look overtly malicious. The main concern is data-flow integrity: Superdocu access is mediated through Membrane accounts, services, and proxy endpoints rather than directly to Superdocu, creating a third-party trust and visibility layer over document-management operations. Overall this is best classified as suspicious-to-moderate risk rather than benign, driven by intermediary credential/data handling rather than malware indicators.