keycloak

SUSPICIOUS: the skill’s install path is relatively trustworthy, but its actual data flow is not a direct Keycloak integration. It depends on a third-party Membrane account, stores/refreshes auth server-side, and proxies Keycloak requests through Membrane, creating unnecessary intermediary access to credentials and data.