sender

SUSPICIOUS: The skill’s capabilities mostly match its purpose, and the CLI comes from an official npm scope rather than an obviously untrusted source. The main concern is architectural: Sender access is brokered through Membrane, so authentication and data flow through a third-party platform, plus the skill uses unpinned `@latest` CLI execution. This is not overtly malicious, but it has moderate trust and data-handling risk disproportionate to a direct Sender integration.