vectera

SUSPICIOUS. The skill is internally coherent as a Membrane-based Vectera integration and uses an official npm-distributed CLI, so it is not outright malicious. However, it introduces a meaningful trust shift: Vectera authentication, data access, and action execution are routed through Membrane rather than directly to Vectera, which is a nontrivial third-party intermediary for credentials and customer data.