oncehub

SUSPICIOUS. The skill's overall purpose and capabilities are coherent for OnceHub integration, and the CLI install path appears to be the publisher's official npm-distributed tool rather than a random payload. However, all authentication and data operations are routed through Membrane as an intermediary rather than directly to OnceHub, and the skill uses unpinned `@latest` CLI execution. This is not confirmed malicious, but it introduces medium trust and data-flow risk that is higher than a direct official API integration.