assertible

SUSPICIOUS: the skill is coherent in purpose, uses an official npm-distributed CLI, and does not obviously harvest local secrets, so it is not malware. However, it proxies Assertible access through Membrane, centralizes credentials and data in an intermediary service, and can create/run hosted actions from natural-language prompts, making the trust and data-flow footprint broader than a direct Assertible integration.