paystand

SUSPICIOUS. The skill is internally coherent for a Membrane-based Paystand integration and uses an official npm package, so it is not overtly malicious. However, it routes authentication and Paystand operations through Membrane rather than direct Paystand APIs, creating meaningful third-party credential/data exposure and moderate operational risk for finance-related actions.