invoice-ninja

SUSPICIOUS: the skill's stated purpose matches Invoice Ninja operations, and the CLI install path appears official and proportionate. However, the integration is not direct: authentication, request routing, and data access are mediated by Membrane, so business data and auth context flow through a third-party service and proxy. This is coherent with the skill's design but raises medium security risk due to intermediary data flow and credential delegation.