pushbots

SUSPICIOUS: The skill’s purpose and capabilities mostly align, and the CLI install path is official npm-based rather than a malicious downloader. However, all PushBots interactions are routed through Membrane’s CLI/service, so credentials and data are mediated by a third party instead of the official PushBots API, which raises medium trust and data-flow concerns.