planning-center

SUSPICIOUS. The skill's purpose and capabilities are mostly aligned, and the CLI comes from an official npm package tied to the same vendor, so this is not overt malware. However, all Planning Center access and credential handling are funneled through Membrane as a third-party intermediary/proxy, which broadens trust and data exposure beyond the official service and raises medium security risk.