kintone

SUSPICIOUS. The skill’s capabilities fit its stated Kintone purpose and the CLI comes from npm rather than a raw installer, so this is not overtly malicious. However, all authentication and Kintone access are routed through Membrane as a third-party intermediary instead of directly to official Kintone endpoints, and the agent is asked to trust a globally installed CLI plus backend service for credential handling and action generation. That makes the skill coherent but medium-risk from data-flow and delegated-trust perspectives.