duo-security

SUSPICIOUS: The skill's purpose broadly matches Duo Security integration, and its CLI install source appears legitimate. However, the core data flow is through Membrane as an intermediary rather than direct Duo endpoints, creating a notable trust and data-routing concern; combined with proxy capabilities and unpinned `@latest` usage, this is medium risk rather than clearly benign.