charisma

SUSPICIOUS. The skill is internally coherent as a Membrane-based Charisma integration and uses an official npm package rather than an unverifiable binary, so it is not outright malicious. However, its core design routes authentication, action discovery, and Charisma operations through Membrane instead of direct Charisma APIs, creating a third-party credential/data intermediary that raises medium security risk.