deputy

Warn

Audited by Socket on May 1, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS: The skill’s stated purpose matches its Deputy-management capabilities, and the CLI comes from an official npm package, so this is not clearly malicious. However, all authentication and data access are routed through Membrane instead of Deputy’s official API, and the skill enables dynamic action generation plus potentially impactful workforce changes. That makes the trust and data-flow footprint broader than a simple direct Deputy client, with moderate security risk but limited evidence of malware.

Confidence: 86%
Severity: 57%

Audit Metadata
Analyzed At: May 1, 2026, 10:24 PM
Package URL: pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fdeputy%2F@b15eb6deef07f72ac593b0c8b84440608f1235ce
Security Audit — socket — deputy