lightspeed-r-series

SUSPICIOUS: the skill is internally coherent and uses a verifiable first-party Membrane CLI, but it requires a third-party Membrane account and routes Lightspeed credentials and API traffic through Membrane’s managed proxy. That intermediary design is disclosed and aligned with the skill’s purpose, so this is not confirmed malware, but it creates meaningful trust, credential-forwarding, and data-flow risk.