agora

SUSPICIOUS: The skill is coherent as a Membrane-based integration wrapper, but not as a direct Agora integration. Main concern is third-party mediation: auth, API calls, and data flow through Membrane instead of official Agora endpoints. Install trust is fairly normal via npm, so this is not confirmed malware, but the intermediary credential/data routing makes the skill medium-high risk.