rutter

SUSPICIOUS. The skill is coherent with its stated Rutter-integration purpose and uses a legitimate npm-distributed CLI, but it routes authentication and API traffic through Membrane as an intermediary rather than direct Rutter endpoints. That disclosed proxy model and mutable CLI install create medium security risk, though not strong evidence of malware.