samsara

SUSPICIOUS: the skill is internally coherent as a Samsara integration, and the CLI comes from the same vendor via npm, so this is not overt malware. However, it routes Samsara authentication and API traffic through Membrane as an intermediary rather than directly to official Samsara endpoints, creating meaningful trust and data-flow risk beyond a simple direct API skill.