exabeam

SUSPICIOUS: The skill's stated purpose broadly matches Exabeam integration, and the CLI install path is vendor-consistent via npm. The main issue is data-flow integrity: Exabeam requests and auth are brokered through Membrane's proxy/service rather than official Exabeam endpoints, creating a third-party trust boundary for sensitive SIEM data and credentials. This is a medium-risk integration skill, not confirmed malware.