degreed

SUSPICIOUS: The skill is coherent as a Membrane-based Degreed connector, and its install path is from an official npm package rather than an unknown binary. However, it materially reroutes Degreed authentication and data through Membrane's intermediary platform and requires a separate Membrane account, which is broader trust than a direct Degreed skill implies. Main risk is third-party credential/data routing plus unpinned CLI execution, not confirmed malware.