textline

SUSPICIOUS: the skill’s core purpose is coherent, and the CLI install path is from an official registry rather than an obviously malicious source. However, it routes Textline authentication and data operations through Membrane as a third-party intermediary, uses unpinned `latest` installs, and enables broad action execution with limited scope constraints; this is better classified as medium security risk than benign.