citrix

SUSPICIOUS: the skill's purpose and capabilities mostly align, and the CLI comes from the publisher's npm package, so this is not strong evidence of malware. However, all Citrix access and authentication are routed through Membrane as an intermediary, creating meaningful third-party credential and data-flow risk beyond a direct Citrix integration.