centrifuge

SUSPICIOUS. The skill’s capabilities mostly match its stated purpose, and the CLI install path appears legitimate via npm and official Membrane documentation. The main concern is architectural: Centrifuge access and credentials are mediated through Membrane’s proxy and server-side credential storage rather than direct Centrifuge APIs, creating a third-party trust boundary and credential forwarding risk. This is coherent with the product’s design but higher risk than a direct integration.