adatree

SUSPICIOUS. The skill's core behavior is coherent with its stated purpose, and the CLI comes from the official npm registry, so this is not outright malicious. However, it depends on Membrane as a third-party intermediary for authentication and all Adatree API traffic, creating meaningful data-flow and credential-trust risk beyond a direct Adatree integration.