forcemanager

SUSPICIOUS: The skill's CRM purpose is coherent, and the CLI comes from an official npm package, so this is not overtly malicious. However, all ForceManager access is funneled through Membrane, a third-party intermediary that manages authentication and executes actions on the user's behalf, which creates meaningful data-flow and trust-scope risk beyond a direct ForceManager integration.