trello

SUSPICIOUS: the skill's Trello functionality is broadly consistent with its stated purpose, and the CLI install path appears legitimate and same-org via npm. However, all Trello authentication and data access are routed through Membrane as a third-party intermediary rather than directly to official Trello APIs, which adds medium trust and data-flow risk despite being openly disclosed.