candango-plan

SUSPICIOUS: the wrapper’s stated purpose is coherent, but its core behavior is outsourced to a third-party skill from another publisher, creating a medium supply-chain and transitive-trust risk. The provided wrapper itself shows no credential harvesting or direct exfiltration, so this is not confirmed malware.