beacon

SUSPICIOUS: the skill broadly matches a Membrane-based integration pattern, and the CLI source appears same-org via npm, but the Beacon identity is inconsistently documented and all authentication/data flows are funneled through Membrane as an intermediary. This is not confirmed malware, but it is a medium-risk skill because it centralizes third-party credentials and API traffic in a proxy service and uses unpinned @latest CLI execution.