email-campaign

SUSPICIOUS: the skill’s purpose is plausible, but its actual data flow is a third-party proxy pattern. It reads a local credential file and sends prospect PII and API actions through Gooseworks rather than official provider endpoints, creating significant confidentiality and credential-handling risk even though the install path appears same-org.