strongdm

SUSPICIOUS: the skill's purpose is broadly consistent with StrongDM management, and its install source is an official same-vendor npm package, so this is not confirmed malware. However, it inserts Membrane as a required intermediary for authentication and API proxying, meaning StrongDM data and access flow through a third-party service rather than directly to StrongDM, which is a notable trust and data-flow expansion.