monday

SUSPICIOUS. The skill is broadly consistent with its stated purpose and uses an official npm-distributed CLI from the same vendor ecosystem, so it does not look malicious. However, all Monday access is mediated through Membrane rather than Monday’s official API directly, creating third-party data/credential routing and real-world modification capability that raise medium security risk.