appliku

SUSPICIOUS. The skill’s capabilities are broadly aligned with Appliku administration and its data flows appear first-party, but it instructs installation of a token-bearing CLI/SDK whose public provenance is not fully verifiable from the available package metadata. The main risk is supply-chain trust plus real-world platform actions, not clear malware or credential theft.