craftboxx

SUSPICIOUS: The skill is broadly coherent with its stated purpose and uses an official npm-distributed Membrane CLI, so it does not show clear malware behavior. However, it intermediates both credentials and API traffic through Membrane rather than talking directly to Craftboxx, which raises medium trust and data-flow concerns, especially with unpinned `@latest` CLI execution.