cloudlayer

SUSPICIOUS: the skill is coherent with Membrane's stated integration model, but its actual footprint routes Cloudlayer authentication and data through Membrane rather than Cloudlayer's official API. The npm install source is reasonably trustworthy, so this is not strong malware evidence, but the third-party credential/data mediation and unpinned global CLI install create medium security risk.