twenty

SUSPICIOUS: the install path is benign and official, but the skill has a notable purpose mismatch and routes Twenty access through Membrane as an intermediary rather than directly to Twenty's official API. This is not confirmed malware, but it introduces meaningful trust and data-flow risk that is broader than the stated integration alone.