demandbase

SUSPICIOUS: The skill’s purpose and capabilities mostly align, and the install source is a legitimate same-vendor npm package. However, all authentication and API traffic are routed through Membrane’s intermediary service rather than directly to Demandbase, expanding trust and data exposure beyond a simple first-party API integration. This looks more like a managed gateway pattern than overtly malicious behavior.