herald

SUSPICIOUS: the skill’s purpose and capabilities mostly align, and the CLI comes from an official registry source, but the integration routes authentication and Herald API traffic through Membrane rather than directly to Herald. This third-party proxy model and mutable CLI install increase trust and data-flow risk beyond a minimal direct API skill, though there is not enough evidence of overtly malicious behavior.