chmeetings

SUSPICIOUS: The skill’s core purpose is coherent, and the CLI install path appears to use an official npm package rather than an unverifiable binary. However, the integration is mediated entirely through Membrane, which acts as a third-party credential and data proxy instead of using ChMeetings’ official API directly. That intermediary routing is proportionate to the stated Membrane-based design but raises moderate security risk due to credential delegation and broad access to church-management data and write actions.