certify

SUSPICIOUS: The skill's core purpose is coherent, and the CLI install source is relatively legitimate, but the actual data flow is through Membrane rather than directly to Certify. That third-party credential and request mediation materially increases trust and privacy risk, especially with unpinned CLI execution, though there is no clear evidence of outright malware or deception.