sap-ariba

SUSPICIOUS. The skill’s purpose and capabilities are broadly aligned, and the CLI comes from an official registry, but the integration routes SAP Ariba authentication and data through Membrane rather than direct SAP APIs and relies on an unpinned third-party CLI/service. This is not confirmed malicious, but it introduces meaningful third-party trust and data-flow risk for enterprise procurement data.