veriff

SUSPICIOUS: The skill is largely coherent with its stated purpose, and the CLI install path appears legitimate via official npm/docs. However, all Veriff access and credential handling are mediated through Membrane rather than direct Veriff APIs, creating a meaningful third-party trust and data-flow expansion. This is not confirmed malware, but it is a medium-risk integration pattern due to intermediary credential custody, proxying, and unpinned CLI installation.