lucidworks

SUSPICIOUS: the skill’s overall purpose is coherent for a Membrane-published connector, and the CLI install path is relatively trustworthy via npm. However, the actual footprint is broader than a direct Lucidworks integration because authentication, action discovery, and action execution are routed through Membrane’s platform, creating third-party credential and data mediation. This is not confirmed malware, but it is a medium-risk intermediary integration with notable trust and data-flow concerns.