dataddo

SUSPICIOUS: the install path is relatively legitimate and low supply-chain risk, but the skill's core design routes Dataddo authentication and API traffic through Membrane instead of using Dataddo directly. That intermediary model is broader than the stated Dataddo integration purpose and weakens data-flow integrity, though there is not enough evidence to call it malicious.