postalytics

SUSPICIOUS: The skill is coherent in purpose and uses an official npm-distributed Membrane CLI, so it does not look overtly malicious. However, it centralizes Postalytics authentication and API traffic through Membrane rather than the official Postalytics API path, creating moderate third-party credential and data-flow risk.