amex-travel

SUSPICIOUS: The skill's core behavior matches its stated purpose, but it relies on anti-detection browser automation, persistent session profiles, direct handling of Amex credentials, and optional arbitrary command execution for 2FA. Data appears to flow to the official service rather than a clear theft endpoint, so this is not confirmed malware, but it carries meaningful security and trust risk.