envoy

SUSPICIOUS: installation provenance is mostly legitimate, but the skill has notable purpose inconsistencies and routes Envoy authentication/data through Membrane as a third-party intermediary. The footprint is not fully coherent with the stated purpose, so it carries medium risk despite lacking strong signs of outright malware.