insightsoftware

SUSPICIOUS: the skill’s basic function matches its description, and the CLI source is a legitimate npm package, but the core data and auth flow is routed through Membrane as a third-party intermediary instead of directly to Insightsoftware. That makes the skill higher-risk than a direct official integration, though not confirmed malware.