vryno

SUSPICIOUS: The skill’s capabilities broadly match its purpose, and the CLI install path uses an official npm package rather than a suspicious download-execute chain. However, it routes Vryno operations and authentication through Membrane as an intermediary, and uses unpinned mutable CLI installs (`-g` and `@latest`). This is not clearly malicious, but the third-party credential/data mediation and broad proxy capability make it medium risk rather than benign.