chatra

SUSPICIOUS: The skill’s stated purpose aligns with its capabilities, and the CLI install path appears official and low-risk. The main concern is data-flow integrity: Chatra access is mediated through Membrane, a third-party integration layer that receives auth context and business data, plus the skill enables externally visible actions like sending or editing customer messages. This is not confirmed malware, but it carries meaningful trust and operational risk.