activeprospect

SUSPICIOUS: The skill is internally coherent for a Membrane-managed ActiveProspect integration and uses an official npm-distributed CLI, so this is not strong evidence of malware. However, it routes authentication, API calls, and returned data through Membrane as an intermediary rather than directly to ActiveProspect, and it relies on unpinned `@latest` CLI execution; this makes the skill medium risk despite appearing legitimate.