truelayer

SUSPICIOUS: the skill is mostly coherent for a Membrane-based TrueLayer integration and uses an official npm package, but it routes banking data and auth through Membrane instead of direct TrueLayer APIs and can enable real financial actions. This is not confirmed malware, but the third-party intermediary data flow and payment capability make the overall risk medium.