quantil

SUSPICIOUS: the skill is purpose-aligned and uses an official-looking Membrane CLI from npm, but it routes QUANTIL authentication and API traffic through Membrane’s intermediary service instead of the official QUANTIL API. That third-party credential and data mediation is proportionate to the advertised Membrane integration model, yet still creates medium security risk and weaker data-flow integrity than a direct integration.