twingate

SUSPICIOUS: The skill is broadly consistent with its stated purpose, and the CLI comes from an official npm package, so this is not strong evidence of malware. However, the integration is effectively a Membrane-mediated proxy for Twingate, with server-side credential handling and indirect API routing; that third-party credential/data path raises medium security risk versus a direct official Twingate integration.