digital-ocean

SUSPICIOUS: The skill's capabilities largely match its stated DigitalOcean-management purpose and its CLI install path appears vendor-consistent via npm, so this is not overt malware. However, the actual data flow is materially broader than a direct DigitalOcean integration: credentials and API traffic are mediated by Membrane, a third-party service, and the skill enables live create/delete operations on cloud resources. That makes the skill coherent but medium risk, mainly due to third-party credential/data handling and operational impact.