google-workspace

SUSPICIOUS. The skill’s capabilities broadly match its stated Google Workspace admin purpose, and the Membrane CLI install path is same-vendor and registry-based rather than an obvious malware dropper. The main risk is architectural: Google Workspace access is mediated by Membrane, so credentials and data flow through a third-party integration layer, and the skill enables high-impact admin actions. This is coherent but medium risk, not confirmed malicious.