slybroadcast

SUSPICIOUS: the skill is mostly coherent with its stated purpose, and the CLI appears to be an official same-vendor npm package, so this is not confirmed malware. However, all access is mediated through Membrane rather than direct Slybroadcast APIs, credentials and activity are entrusted to that intermediary, the install is unpinned (`@latest`), and the skill can generate and execute new actions with real-world messaging consequences. This is a medium-risk third-party integration pattern, not a clearly malicious skill.