twenty

SUSPICIOUS: mostly coherent integration skill with an official-registry CLI and proportionate auth flow, but it relies on a third-party intermediary for all Twenty access, uses mutable installs, and contains a notable product-description mismatch. This is not confirmed malware, but it carries moderate trust and data-flow risk because Membrane sits between the agent and Twenty.