act-365

SUSPICIOUS: The skill’s purpose and capabilities mostly align, and the CLI comes from npm rather than an opaque binary. The main concern is data-flow integrity: all authentication and Act! 365 API access are mediated by Membrane, so CRM data and delegated credentials pass through a third-party platform/CLI instead of directly to the official service. That makes this coherent but medium risk, not clearly malicious.