contractbook
Warn
Audited by Socket on Apr 21, 2026
1 alert found:
LOW Anomaly: SKILL.md
SUSPICIOUS. The skill’s purpose and capabilities broadly align, and the CLI comes from an official registry path tied to the stated vendor, so this is not outright malicious. However, it routes Contractbook access and authentication through Membrane as an intermediary service, expanding data exposure beyond the official API path, and uses mutable `@latest` installs. Risk is mainly third-party data/credential mediation plus moderate supply-chain hygiene concerns, not confirmed malware.
Confidence: 86%
Severity: 56%
Audit Metadata