skyciv

SUSPICIOUS: the skill is coherent as a Membrane-based SkyCiv integration and uses an official npm-scoped CLI, so it is not outright malicious. However, it routes SkyCiv authentication and data through Membrane's intermediary platform instead of direct SkyCiv APIs, creating meaningful third-party trust and data-flow risk beyond a normal direct integration.