keycloak

SUSPICIOUS. The skill is mostly coherent for Keycloak administration, and the install path is a normal npm-based CLI from the same vendor ecosystem. However, it routes authentication and API traffic through Membrane rather than directly to official Keycloak endpoints, creating a meaningful third-party credential and data mediation risk that is broader than a direct Keycloak integration.