edgedb

SUSPICIOUS: the skill's core capabilities fit database management, but it is not a direct EdgeDB integration; it routes authentication and API activity through Membrane's CLI and service. Because the installer is an official npm package, this is not malware-level evidence, but the third-party trust boundary, mutable CLI execution, and remote action/proxy model create medium security risk.