setmore

SUSPICIOUS: the skill's purpose broadly matches Setmore integration, and the CLI install source appears legitimate, but the actual data flow routes authentication and API traffic through Membrane instead of directly to Setmore. That third-party credential and data mediation is a meaningful integrity and trust risk, though not confirmed malware.