usercentrics

SUSPICIOUS: the skill is not overtly malicious and uses an official npm-distributed CLI consistent with the Membrane publisher, but it routes authentication and operational data through Membrane as an intermediary instead of directly to Usercentrics, and it overstates capabilities with a highly disproportionate generic action list. Main risks are third-party credential/data handling and unpinned latest-package execution, not confirmed malware.