agendor

SUSPICIOUS. The skill is broadly coherent with its CRM-integration purpose and uses an official npm-distributed Membrane CLI tied to the stated publisher, so this is not strong evidence of malware. However, it routes Agendor authentication and data through Membrane's hosted platform rather than directly to Agendor, requires trusting a third-party CLI/service, and uses mutable `@latest` installation. Overall this is a legitimate-looking but medium-risk delegated-integration skill, not confirmed malicious.