fastly

SUSPICIOUS: the skill's purpose matches Fastly management, but its actual data flow is through Membrane as a third-party credential and API proxy rather than directly to Fastly. Install provenance is reasonably legitimate via npm, so this is not confirmed malware, but the brokered auth model, mutable CLI install, and ability to perform account-changing actions make the overall risk medium.