pushpay

SUSPICIOUS. The skill is largely coherent with its stated Pushpay-integration purpose and uses a legitimate npm-distributed first-party CLI, so it is not overtly malicious. The main concern is data-flow integrity: all authentication and API access are mediated by Membrane rather than going directly to Pushpay, creating a third-party trust boundary for credentials and donor data; combined with unpinned `@latest` usage and broad proxy capability, this makes the skill medium risk rather than benign.