respondio

SUSPICIOUS. The skill’s capabilities mostly match its stated Respond.io integration purpose, and the CLI install source appears official via npm. However, the core data flow is mediated through Membrane rather than direct Respond.io API use, so authentication and API traffic are delegated to a third-party platform. That makes the skill internally coherent but medium risk due to intermediary credential/data handling and unpinned CLI installation.