orbisx

SUSPICIOUS: The skill is broadly consistent with its stated OrbisX integration purpose and uses an official npm-distributed Membrane CLI, so it does not look malicious. However, all auth and API traffic are routed through Membrane as a third-party intermediary, and the unpinned CLI install plus broad action surface create meaningful security and trust risk.