panzura

SUSPICIOUS: The skill's stated purpose matches Panzura integration, and its CLI install path appears legitimate via official npm/Docs. However, all authentication and API traffic are funneled through Membrane as a third-party intermediary rather than directly to Panzura, creating notable data-flow and credential-handling risk. Broad administrative scope and mutable `@latest` usage add moderate risk, but there is no clear evidence of malware or deceptive install behavior.