firehydrant

SUSPICIOUS. The skill’s purpose and capabilities are mostly aligned, and the CLI comes from an official npm package, so this is not confirmed malware. However, it routes FireHydrant authentication and API traffic through Membrane as a third-party intermediary and uses unpinned `@latest` CLI execution, creating meaningful supply-chain and credential/data-flow risk that exceeds a low-risk direct API integration.