ngrok

SUSPICIOUS: The skill's functionality is broadly coherent with Ngrok management, and installation uses a legitimate npm-distributed CLI rather than an opaque binary. However, it is not a direct Ngrok integration: authentication, credential refresh, and even raw API requests are routed through Membrane infrastructure, so Ngrok data and delegated auth flow through a third-party intermediary. This makes it medium risk from a data-flow and trust perspective, but not malicious based on the provided evidence.