jupiterone

SUSPICIOUS. The skill is mostly coherent with its stated JupiterOne integration purpose and uses a normal npm-installed CLI, so it is not strongly malicious. However, the actual data flow is through Membrane as an intermediary for auth, action execution, and proxy requests rather than directly to JupiterOne, which increases trust and exposure beyond a straightforward first-party integration.