mapbox

SUSPICIOUS. The skill is coherent as a Membrane-based Mapbox integration and uses an official npm-distributed CLI, so it does not show clear malware behavior. However, it routes Mapbox authentication and API traffic through Membrane instead of direct Mapbox endpoints, creating third-party credential forwarding and proxying risk that is higher than a direct Mapbox skill.