ibanfirst

SUSPICIOUS. The skill's capabilities largely match its stated IBanFirst integration purpose, and the CLI install path appears legitimate via the official npm package. The main concern is data-flow integrity and trust expansion: all access is brokered through Membrane, a third-party intermediary that manages authentication and proxies requests for a financial service. That is not clear evidence of malware, but it is a meaningful security and governance risk, especially because the skill can facilitate real-world financial actions and uses an unpinned `@latest` invocation in one example.