pact-foundation

SUSPICIOUS: The skill is not overtly malicious and uses an official npm package from the same vendor, but its actual footprint is a Membrane integration layer rather than a direct Pact Foundation integration. The main risk is intermediary credential and data routing through Membrane, which is only partially aligned with the stated purpose and creates medium security risk.