ctoai
Warn
Audited by Socket on Apr 23, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: the skill is not overtly malicious and uses an official npm-distributed CLI, but its real function is to route CTO.ai access through Membrane as a third-party intermediary. That creates moderate trust, credential-forwarding, and data-flow concerns relative to the narrow stated purpose of a CTO.ai integration.
Confidence: 86%
Severity: 58%