esputnik

SUSPICIOUS. The skill's capabilities broadly match its stated ESputnik integration purpose and the CLI install path appears official, so this is not strong evidence of malware. However, all credentials and ESputnik operations are funneled through Membrane as a third-party intermediary, and the skill enables outbound messaging actions with real-world impact; that makes the data flow and authority broader than a direct vendor API integration and warrants medium risk.