alphasense

SUSPICIOUS. The skill is not overtly malicious and uses a legitimate npm-distributed CLI, but it shifts AlphaSense access and data handling through Membrane as a third-party intermediary. That mismatch between a service-specific integration and a brokered managed platform creates medium risk, especially for sensitive research data and delegated authentication.