blockstack

SUSPICIOUS: The skill is coherent in purpose and uses an official same-vendor CLI, but it routes Blockstack access, credentials, and action execution through Membrane rather than official Stacks APIs. That intermediary trust model and unpinned CLI execution make it medium risk, though not overtly malicious.