dyspatch

SUSPICIOUS: the skill’s purpose broadly matches its capabilities, and the CLI install path is from an official registry, so this is not malware-like. However, Dyspatch access is brokered through Membrane rather than the official Dyspatch API, so credentials and data may flow through a third-party intermediary, which is a meaningful integrity and trust concern. Overall this looks coherent but medium-risk due to credential/data brokerage, unpinned CLI install, and generated-action indirection.