airops

SUSPICIOUS. The skill is internally coherent for a Membrane-mediated AirOps integration and uses an official npm package, so it does not look malicious. However, it routes authentication, action execution, and potentially sensitive AirOps data through Membrane instead of direct AirOps APIs, creating meaningful third-party trust and data-flow risk; the unpinned @latest install adds moderate supply-chain exposure.