pingdom

SUSPICIOUS: the skill's purpose and capabilities are mostly coherent, and the CLI install source appears official and proportionate. The main risk is architectural: all Pingdom access and auth are mediated by Membrane, a third-party intermediary that stores/refreshes credentials and proxies requests, so data flows do not go directly to Pingdom. This is not strong evidence of malware, but it is a meaningful trust and data-flow risk that exceeds a direct official API integration.