llamaindex

SUSPICIOUS. The skill is broadly coherent for a Membrane-based integration, and the CLI comes from an official npm package with vendor-matching docs. However, the stated LlamaIndex functionality is actually performed through Membrane as an intermediary that handles authentication, stores connection credentials, and proxies actions, which increases trust and data-flow exposure compared with direct official API use. No clear malware, stealth, or overt credential theft indicators were found.