guru

SUSPICIOUS: The skill's capabilities fit its stated Guru-integration purpose, and the CLI install path appears to be official npm distribution rather than a covert payload. The main risk is architectural: authentication and API traffic are intentionally routed through Membrane as an intermediary, expanding trust and exposing a third-party credential/data path; this is disclosed, not hidden, so it is better classified as medium security risk rather than malware.