verifalia

SUSPICIOUS: the skill’s core purpose is coherent, and its install source is a legitimate npm package rather than an opaque binary or raw script. However, it routes Verifalia access, credentials, and activity through Membrane as an intermediary, with documented server-side credential storage and request logging, so the actual data flow is broader than a direct Verifalia integration. This is not confirmed malware, but it creates medium security risk through third-party credential forwarding and mutable CLI installs.