mend

SUSPICIOUS: the skill is broadly coherent as a Membrane-powered Mend integration, and the CLI source appears official, so this is not strong evidence of malware. However, all Mend access is routed through Membrane rather than directly to Mend, and the skill promotes installing and using an unpinned external CLI as the control plane, which creates moderate trust and data-flow risk.