edapp

SUSPICIOUS. The skill's capabilities broadly match its EdApp integration purpose, and the CLI install source appears to be an official same-vendor npm package. The main concern is data-flow integrity: EdApp access is funneled through Membrane's proxy and authenticated CLI rather than directly to EdApp, so account data and auth handling are delegated to an intermediary service. This is disclosed and plausibly legitimate, but it increases trust and privacy risk beyond a direct EdApp API skill.