piano

SUSPICIOUS: the operational footprint mostly matches a normal Membrane integration skill, with official npm-based CLI install and browser auth, but the documentation is materially inconsistent about what 'Piano' is and routes API access through Membrane as an intermediary. This is not confirmed malware, but the mismatch in purpose and indirect data flow make it riskier than a clean, direct API integration guide.