equensworldline

SUSPICIOUS: The skill's purpose and capabilities mostly align, and the CLI comes from an official npm package, so this is not confirmed malware. The main concern is architectural: all authentication and API traffic are routed through Membrane's intermediary platform instead of directly to Worldline, creating meaningful third-party trust and data-flow risk for a financial integration.