planning-center

SUSPICIOUS: The skill is broadly coherent with its stated Planning Center integration purpose, and the CLI install path appears to be official npm distribution rather than a deceptive payload. The main risk is architectural: authentication and all Planning Center interactions are routed through the third-party Membrane CLI/service, so credentials and data are not confined to direct first-party Planning Center API flows. This is not clearly malicious, but it is a medium-risk trust expansion with authenticated remote action capability.