geocodio

SUSPICIOUS: The core geocoding workflow is mostly coherent and uses an officially branded npm CLI, but the skill's metadata is inconsistent with Geocodio and all API/auth traffic is funneled through Membrane rather than directly to Geocodio. This looks more like a managed third-party integration wrapper than a pure Geocodio skill, so risk is medium from intermediary trust and mutable CLI install, not confirmed malware.