freshlearn

SUSPICIOUS: the skill’s purpose matches Freshlearn administration, and the install path appears to use the vendor’s official npm-distributed CLI, so this is not overt malware. The main concern is architectural: all Freshlearn authentication and data access are routed through Membrane as a third-party intermediary, with an unpinned external CLI and dynamic remote action creation. That footprint is somewhat broader than a direct Freshlearn integration and creates medium security risk, but it remains coherent with the stated product model.