aeroleads

SUSPICIOUS: the skill is coherent as a Membrane-published AeroLeads integration and uses an official npm-distributed CLI, so it does not look malicious. However, it routes authentication and all AeroLeads operations through Membrane’s third-party platform instead of direct AeroLeads APIs, creating medium risk around credential custody, intermediary data flow, and dynamic remote action execution.