qadeputy

SUSPICIOUS: The install path is relatively normal and same-vendor-aligned with Membrane, but the skill has a notable purpose mismatch and routes authentication/data through Membrane instead of Deputy's native API flow. This looks more like a mislabeled third-party integration wrapper than outright malware, with medium security risk from intermediary credential/data handling and unpinned CLI install.