moskit

SUSPICIOUS: The skill is not overt malware, and its CLI install path is consistent with the publisher’s ecosystem, but it relies on Membrane as a third-party intermediary for authentication and API traffic instead of direct Moskit endpoints. Combined with the misleading Moskit description and mutable `@latest` usage, the overall footprint is only partially aligned with the stated purpose.