backlog

SUSPICIOUS. The skill’s capabilities fit a Backlog integration, and the CLI comes from an official registry with vendor-consistent docs, so this is not overtly malicious. However, the integration routes authentication and API traffic through Membrane as a third-party intermediary rather than directly to Backlog, creating medium data-flow and credential-forwarding risk that is higher than a direct official API integration.