anthropic

SUSPICIOUS: The skill is internally coherent as a Membrane connector, and its install source appears publisher-aligned and official enough to avoid a malware judgment. However, it markets Anthropic access while routing auth and API activity through Membrane rather than Anthropic’s native API flow, creating a third-party intermediary for credentials and data. Combined with the unpinned global CLI install and dynamic action creation, this makes the skill medium risk rather than benign.