databowl

SUSPICIOUS: The skill's purpose aligns with Databowl management, and install provenance is relatively credible via the official npm package. The main concern is data-flow integrity: all Databowl access and credentials are mediated by Membrane rather than direct official Databowl APIs, creating a third-party trust and credential-forwarding layer. This looks more like a platform-specific integration wrapper than malware, but it is higher risk than a direct Databowl client.