imperva

SUSPICIOUS: the skill is purpose-aligned for Imperva automation, and the Membrane CLI install source is legitimate npm/same-brand tooling. The main concern is data-flow integrity and scope: Imperva interactions and authentication are mediated by Membrane rather than going directly to Imperva, so sensitive API traffic and connection state are entrusted to a third-party platform. This is not confirmed malware, but it is a meaningful trust-boundary expansion with mutable `@latest` install exposure.