directus

SUSPICIOUS: the core Directus-management purpose is plausible, and the CLI install path appears vendor-consistent and registry-based, but the skill materially expands trust by routing authentication and API traffic through Membrane rather than Directus directly. The main risk is third-party credential/data mediation and arbitrary proxy requests, not confirmed malware.