proofpoint

SUSPICIOUS: The skill's purpose and capabilities are broadly aligned, and the install source appears official and same-vendor. However, it requires installing and trusting a third-party CLI/service layer that brokers Proofpoint authentication and data access through Membrane rather than direct Proofpoint APIs, with mutable @latest execution increasing supply-chain risk. This is not clearly malicious, but the intermediary credential/data flow makes it medium risk.