pickrr
Warn
Audited by Socket on Apr 22, 2026
1 alert found:
Anomaly (LOW)
SKILL.md
SUSPICIOUS: the skill’s overall behavior is mostly aligned with its stated Pickrr-integration purpose, and the CLI comes from an official npm package tied to Membrane. The main concern is data-flow integrity and credential forwarding: all auth and API access are mediated by Membrane rather than direct Pickrr endpoints, which expands trust to a third-party platform and server-side credential storage. This is not overtly malicious, but it is a meaningful security and privacy risk that should be disclosed and approved by users.
Confidence: 87%
Severity: 52%
Audit Metadata