dyn

SUSPICIOUS: the skill's behavior is broadly consistent with a Membrane-based Dyn integration, and the CLI comes from npm rather than an opaque installer, so this is not confirmed malware. However, the skill's actual footprint is more about routing Dyn access, prompts, and action execution through Membrane's third-party platform than directly using Dyn, with unpinned `@latest` execution and thin Dyn-specific documentation. The main risk is third-party credential/data mediation and mutable CLI supply chain, not overt malicious behavior.