riskadvisor

SUSPICIOUS: the core capability fits the stated purpose, and the CLI install path is plausibly official, but the skill routes RiskAdvisor access through Membrane as an intermediary rather than directly to the official service. That third-party proxy model and mutable CLI install make this higher-risk than a direct official API integration, though not clearly malicious.