voiceflow

SUSPICIOUS: the skill’s stated purpose matches its capabilities, and the CLI install path is a normal npm-based distribution from what appears to be the same publisher ecosystem. However, all Voiceflow access and credential handling are mediated through Membrane rather than the official Voiceflow API directly, creating a meaningful third-party trust and data-flow risk. This is more consistent with a legitimate integration proxy than malware, but the credential forwarding and proxy architecture make it medium risk.