moonclerk

SUSPICIOUS. The skill’s stated purpose is plausible, and the CLI comes from an official npm package tied to the publisher, so this is not confirmed malware. However, the integration is architected around Membrane as a third-party intermediary for authentication and API access instead of direct MoonClerk API use, which creates medium risk around credential delegation and data flow integrity; combined with unpinned CLI installs, this makes the skill internally coherent but broader and riskier than a direct MoonClerk connector.