pushover

SUSPICIOUS: the skill's purpose broadly matches its capabilities, and the CLI install appears to come from the publisher's documented npm package. However, the integration routes Pushover access through Membrane's CLI and proxy service, creating third-party credential/data handling and enabling external actions like sending notifications; this makes it medium risk rather than benign.