cortex-xsoar

SUSPICIOUS: the install path is relatively legitimate, but the skill’s core design routes Cortex XSOAR authentication and API activity through Membrane rather than directly to official Cortex XSOAR APIs. That third-party mediation is disproportionate for a service-specific integration and creates notable credential-handling and data-flow risk, even without clear evidence of malware.