leadconnector

SUSPICIOUS. The skill's capabilities generally match its stated purpose, and the CLI install source is coherent and relatively trustworthy. The main concern is data-flow integrity: this is presented as a LeadConnector integration but actually operates through Membrane as an intermediary, so LeadConnector data and auth are routed through a third party rather than the official service directly. That makes it higher-risk than a direct API skill, but not clearly malicious.