mandrill

SUSPICIOUS: The skill's purpose broadly matches an email-service integration, and the CLI comes from an official registry under the same vendor. The main concern is data-flow integrity: Mandrill access is mediated through Membrane's account system and proxy rather than direct calls to Mandrill's official API, creating a third-party interception point for data and auth handling. This is not confirmed malware, but it is a medium-risk integration pattern.