travelport

SUSPICIOUS. The skill is mostly coherent with its stated Travelport integration purpose and uses an official npm-distributed vendor CLI, so it does not look outright malicious. However, all Travelport access is mediated through Membrane, meaning credentials and data may be handled by a third-party proxy/service rather than directly by Travelport; this is a real trust and data-flow concern, though disclosed and proportionate to the product design.