cognito
Warn
Audited by Socket on Apr 22, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS. The skill's purpose and capabilities mostly align, and installation uses a normal npm package rather than an opaque binary. However, all Cognito authentication and API traffic are mediated by Membrane rather than going directly to AWS, creating a third-party credential/data handling boundary, and the CLI install examples are unpinned. This looks like a legitimate integration pattern with medium trust and data-flow risk, not confirmed malware.
Confidence: 85%
Severity: 53%