verimi

SUSPICIOUS: the skill is broadly coherent for a Membrane-based Verimi integration, and its CLI comes from an official registry path, so this is not confirmed malware. However, it routes authentication and Verimi operations through Membrane rather than direct Verimi APIs, requires trust in a third-party CLI/platform, and uses mutable @latest installs, making it medium risk and worth caution.