growth-book

SUSPICIOUS: the skill's core behavior is coherent for a Membrane-based GrowthBook integration, and the CLI source is reasonably trustworthy via npm. However, it introduces a third-party control plane and proxy between the agent and GrowthBook, so credentials and data flow through Membrane rather than directly to official GrowthBook endpoints. This is not clearly malicious, but it creates medium security risk and a nontrivial trust/delegation concern.