follow-up-boss

SUSPICIOUS: The skill is broadly coherent with its stated purpose and uses an official-looking npm-distributed CLI, so it does not look malicious. However, all authentication and CRM traffic are funneled through Membrane rather than direct Follow Up Boss APIs, and the globally installed unpinned CLI plus third-party credential/data handling create meaningful trust and security risk.