knowbe4

SUSPICIOUS: The skill is broadly coherent as a Membrane-based KnowBe4 integration, and its CLI install source appears legitimate via official npm. However, it routes authentication and KnowBe4 access through Membrane rather than directly to KnowBe4, creating a significant third-party credential and data trust boundary; this is not outright malicious, but it is a meaningful security and data-flow risk that should be understood before use.