cyclr

SUSPICIOUS: the skill is mostly coherent with its stated purpose, and the CLI install path appears official, but it materially expands trust by routing Cyclr authentication and API traffic through Membrane. This is not confirmed malware, but the third-party credential/data mediation and broad action/proxy capability make it medium risk.