geokeo

The skill is internally consistent with its stated purpose and uses a verifiable same-project CLI from npm, so it does not look malicious. The main security concern is architectural: Geokeo authentication and API traffic are routed through Membrane as an intermediary, creating moderate credential and data-flow risk that is disclosed but broader than a direct Geokeo integration.