buddy

SUSPICIOUS. The install path is largely legitimate and same-ecosystem, but the skill is internally inconsistent: it claims Buddy CI/CD integration while describing unrelated record types, and it routes all Buddy access through Membrane rather than directly to official Buddy endpoints. This looks more like a generic Membrane wrapper than a tightly scoped Buddy skill. Not confirmed malware, but medium risk due to third-party credential/data mediation and purpose-capability mismatch.