appointedd

SUSPICIOUS: The skill's capabilities match its Appointedd integration purpose, and the CLI install source is a legitimate npm package. However, the core data flow routes authentication and Appointedd data through Membrane rather than directly to official Appointedd APIs, creating meaningful third-party trust and credential-handling risk. This looks like a coherent integration skill, not confirmed malware, but its intermediary architecture and mutable CLI install make it medium risk.