maxmind-geoip2

SUSPICIOUS: The skill is internally coherent as a Membrane-based MaxMind integration, and the CLI install path is a legitimate npm package rather than an unverifiable binary. However, it routes authentication and API activity through Membrane instead of directly to MaxMind, adding a third-party credential/data broker and broader trust boundary than the skill title alone suggests.