razorpay

SUSPICIOUS. The skill's purpose broadly matches its capabilities, and the CLI install path is from an official npm package rather than a suspicious binary. The main concern is data-flow integrity: instead of using Razorpay APIs directly, it routes authentication and actions through Membrane, a third-party platform that can store/manage connection credentials and mediate all requests. That makes the skill coherent but higher-trust than its simple Razorpay framing suggests, with moderate operational risk if the agent executes impactful payment-platform actions without explicit approval.