highrise

The skill is mostly coherent with its stated CRM-integration purpose and uses an official npm-distributed vendor CLI, so it does not look malicious. However, it routes authentication and API activity through Membrane as an intermediary rather than directly to Highrise, which creates a meaningful third-party trust and data-handling risk. Overall: suspicious-but-plausibly-legitimate integration pattern, with moderate security risk and low malware evidence.