knowfirst

SUSPICIOUS: the skill is coherent for a Membrane-published KnowFirst integration and uses an official npm-distributed CLI, but its real data flow is through Membrane as a third-party intermediary rather than directly to KnowFirst. That makes the main risk credential and data mediation by an external platform, plus some additional risk from unpinned global CLI install and dynamic action creation.