gocanvas

SUSPICIOUS: The skill's purpose broadly matches its capabilities, and the CLI comes from an official npm package rather than an opaque binary. However, the integration is not a direct GoCanvas client: authentication, credential refresh, action execution, and proxy requests all flow through Membrane, creating meaningful third-party credential and data-routing risk. This looks more like a legitimate but higher-trust brokered integration than overtly malicious behavior.