craftcms

SUSPICIOUS: the skill is internally consistent about using Membrane, and the CLI install path looks vendor-aligned and registry-hosted, so this is not strong malware evidence. However, its actual footprint is a third-party mediation layer for all CraftCMS authentication and data access, which is broader than a direct CraftCMS integration and creates medium security risk through credential and data routing via Membrane.