schoology

SUSPICIOUS: The skill’s core purpose is coherent, and its install path is from an official npm package rather than an unverifiable binary. The main concern is data-flow integrity: Schoology authentication and API requests are funneled through Membrane’s intermediary platform/proxy instead of going directly to Schoology, expanding trust to a third party for educational records and tokens. This looks like a legitimate integration pattern, but it is not a low-trust direct API skill.