google-tasks

SUSPICIOUS: The skill is coherent for Google Tasks management and uses an official-looking npm-distributed vendor CLI, so it is not overtly malicious. However, it routes authentication and task data through Membrane as an intermediary and encourages dynamic action creation, which makes the trust boundary broader than a direct Google Tasks integration and raises medium security risk.