ftrack

SUSPICIOUS: the skill’s purpose matches FTrack management, and the CLI install source is legitimate, but the actual data flow is a third-party Membrane proxy/connection layer rather than direct FTrack API use. That makes the scope broader than a simple FTrack client and raises medium risk around credential/data mediation and agent-driven write actions, though there is no clear evidence of outright malware.