metabase

SUSPICIOUS. The skill's purpose and capabilities are mostly coherent, and the CLI comes from an official npm package rather than an obviously rogue installer. However, all authentication and Metabase API traffic are funneled through Membrane as an intermediary, and the skill explicitly promotes that proxy model instead of direct official Metabase API usage. That third-party credential/data routing plus unpinned `@latest` CLI execution creates moderate security risk even without clear evidence of malware.