dripcel

SUSPICIOUS. The skill is coherent and vendor-aligned, with an official npm CLI and a plausible purpose, so it does not look outright malicious. However, it routes Dripcel authentication and operations through Membrane instead of Drip's official direct API, forwards sensitive access to a third-party platform, uses an unpinned CLI install, and enables impactful messaging/account actions; this makes it medium risk rather than benign.