moneybird

SUSPICIOUS: The skill's purpose and capabilities are mostly aligned, and the install path is a normal npm-based CLI rather than a raw download. The main concern is that all auth and API interaction are mediated by Membrane instead of going directly to Moneybird, creating a third-party credential/data handling boundary, plus the skill enables business-impacting actions like sending invoices. This looks like a legitimate integration with moderate trust and operational risk, not confirmed malware.