api-void

SUSPICIOUS. The install path is relatively normal and vendor-consistent, but the skill’s declared purpose does not match its listed objects/actions, and all service access is funneled through Membrane instead of direct official Api Void endpoints. That makes the skill internally inconsistent and introduces medium data-handling risk through a third-party integration layer, though there is not enough evidence to call it outright malicious.