pingone

SUSPICIOUS: the skill’s purpose and capabilities mostly align, and the CLI comes from a legitimate registry, but the core integration is mediated through Membrane rather than directly with official PingOne APIs. That third-party routing of auth and action data, combined with an unpinned external CLI and vendor-account dependency, makes the skill higher risk than a direct PingOne integration even though it is not clearly malicious.