nginx

SUSPICIOUS: the skill is not overtly malicious and uses an official npm-hosted first-party CLI, but its real footprint is a Membrane platform integration more than a direct NGINX skill. The main concern is data-flow integrity: NGINX interactions and possibly credentials are brokered through Membrane, a third-party intermediary, and installs are unpinned via `@latest`.