tawkto
Warn
Audited by Socket on Mar 13, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: the skill is not overtly malicious and uses an official npm-distributed CLI from the same vendor, but it materially expands data flow by routing Tawk.to access through Membrane as an intermediary. The metadata mismatch and third-party proxy architecture make it higher risk than a direct Tawk.to integration, though not consistent with confirmed malware.
Confidence: 87%
Severity: 56%