userflow-1

SUSPICIOUS. The skill's capabilities broadly match its stated Userflow integration purpose, and the install source is a legitimate npm package tied to the same publisher. However, it routes authentication and action execution through Membrane instead of directly to Userflow's official API, creating a third-party credential/data mediation layer and moderate trust expansion. This is not confirmed malware, but it is higher-risk than a direct official API skill.