turso

SUSPICIOUS: The skill's core purpose is plausible, and the npm-installed Membrane CLI appears officially distributed. However, the actual data flow is not a direct Turso integration: authentication, credential storage/refresh, and API proxying all run through Membrane infrastructure. That intermediary design is broader than the stated Turso-only purpose and creates meaningful third-party credential and data exposure, though not enough evidence supports calling it malicious.