userpilot

SUSPICIOUS: The skill's purpose mostly matches its capabilities, and the CLI source appears to be the publisher's official npm package. The main concern is data-flow integrity: Userpilot authentication and API traffic are mediated through Membrane infrastructure rather than going directly to Userpilot, creating an extra trust boundary and third-party credential/data handling layer. This is not confirmed malware, but it is a medium-risk integration pattern.