getting-started

SUSPICIOUS. The stated purpose is plausible, but the actual data flow is inconsistent with official Recoupable documentation: credentials and API traffic are routed through an undocumented Vercel host, and the skill advertises an unverified self-service agent signup path that can mint API keys automatically. The npm install alone is not decisive, but combined with the endpoint mismatch and autonomous credential issuance, the skill’s footprint is not proportionate to normal onboarding.