inbound-cli

SUSPICIOUS. The purpose is coherent for an email-management skill, and `INBOUND_API_KEY` is plausibly the right credential, but the core risk is install/execution trust: I could verify the Inbound brand and API docs, not the specific `inbound-cli` package or the exact CLI commands this skill depends on. Because the skill installs an only partially verified CLI and forwards email-service credentials to it, the security risk is high even without proof of malicious intent.