neonomics

SUSPICIOUS: The skill is coherent in purpose and uses an official same-org npm CLI, so it does not look overtly malicious. The main concerns are that all Neonomics operations are proxied through Membrane, `@latest` is unpinned, local CLI credentials may exist despite the docs’ framing, and the skill can enable real-world financial actions through a third-party intermediary.