tatum

SUSPICIOUS: the skill is broadly coherent as a Membrane-based Tatum integration, and the CLI source appears official, so this is not confirmed malware. However, it is not a direct Tatum integration: it routes authentication, credentials, and all Tatum actions through Membrane as an intermediary, while offering high-impact blockchain operations and using a mutable CLI install. The main risk is third-party credential/data handling plus autonomous financial/blockchain actions, not hidden exfiltration or obvious malicious code.