chimp-rewriter

SUSPICIOUS: The skill is internally coherent as a Membrane-based Chimp Rewriter integration, and its npm-installed CLI appears publisher-consistent. The main risk is data-flow integrity: Chimp Rewriter credentials and API traffic are intentionally mediated by Membrane rather than going directly to the official Chimp Rewriter API, creating a third-party visibility and credential-broker trust boundary. This is not clearly malicious, but it is a meaningful security risk and broader than a direct-service integration.