privyid

SUSPICIOUS: The skill’s capabilities broadly match its stated purpose, and the CLI install path appears to be the vendor’s official npm distribution. However, all authentication and PrivyID interaction are mediated through Membrane rather than direct official PrivyID endpoints, creating a third-party trust and data-routing concern. This is not clearly malicious, but the intermediary architecture and unpinned CLI execution make it higher risk than a direct API integration.