appcircle

SUSPICIOUS: the skill's purpose and capabilities broadly align, and the CLI install path is official npm-based, not a malicious download-execute chain. However, all Appcircle access and authentication are routed through Membrane instead of Appcircle's official API, creating a third-party credential/data mediation layer and moderate trust expansion beyond what the skill title suggests.