gitea

SUSPICIOUS: the stated purpose is Gitea management, but the actual data flow depends on Membrane as a third-party credential holder and API proxy rather than direct Gitea access. The npm-based CLI install appears legitimate, so this is not confirmed malware, but the intermediary routing and credential delegation create a medium-high security risk that is disproportionate for a simple Gitea integration.