dux-soup

SUSPICIOUS: The skill is broadly aligned with its stated Dux-Soup integration purpose and uses a publisher-consistent CLI from npm, but it routes authentication and API activity through Membrane as an intermediary rather than directly to Dux-Soup. That third-party credential handling and proxying make the data flow more expansive than a direct integration, while `@latest` installs add moderate supply-chain risk.