kartra

SUSPICIOUS: The skill is mostly coherent with its stated Kartra-integration purpose and uses an official-looking Membrane CLI from npm, but it routes credentials and API traffic through Membrane as an intermediary rather than directly to Kartra. That third-party credential/data handling is disclosed, not hidden, so this is not malicious, but it meaningfully raises trust and operational risk.