pp-roam

SUSPICIOUS: the skill is broadly consistent with its stated Roam automation purpose, but it depends on an external CLI, forwards API credentials to that tool, supports arbitrary webhook output delivery, and exposes high-impact admin/messaging actions. This looks more like a powerful but high-risk integration skill than confirmed malware.