maxmind-minfraud

SUSPICIOUS: the skill's purpose is coherent, and the CLI install path is relatively normal, but the integration routes MaxMind access through Membrane rather than directly to official MaxMind APIs. That third-party intermediary handles authentication and request forwarding, which is a material data-flow and trust expansion beyond a simple direct API skill. Not malware, but medium risk due to proxy-based credential/data handling and mutable `@latest` installs.