cliengo

SUSPICIOUS: the skill is broadly coherent with its stated Cliengo-integration purpose and uses an official npm-distributed Membrane CLI, so this is not confirmed malware. The main risk is architectural: it routes authentication and Cliengo operations through Membrane as a third-party intermediary, and it enables real external actions plus dynamic action creation. That makes it medium risk and suitable only when the user explicitly intends to trust Membrane as the control plane for Cliengo.