incorta

Warn

Audited by Socket on Apr 22, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS: the skill's stated purpose broadly matches Incorta integration, and the Membrane CLI/install path appears to be official. However, all Incorta access and credential handling are funneled through Membrane's intermediary platform, which stores credentials server-side and broadens the data trust boundary beyond Incorta. This is not clearly malicious, but the third-party proxy model, mutable CLI install, and ability to create/run potentially state-changing actions make the overall risk medium.

Confidence: 84%
Severity: 58%

Audit Metadata

Analyzed At: Apr 22, 2026, 12:52 AM
Package URL: pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fincorta%2F@fc56ff582668ff40edf7b4d3bf735358cdf3309f