npm
Warn
Audited by Socket on May 1, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: the skill is internally coherent as a Membrane-based npm integration, and its install source is a verifiable first-party npm package rather than an unknown binary. However, it expands the trust boundary by routing npm auth and data through Membrane instead of official npm endpoints, and uses a mutable `@latest` CLI install. This looks more like a legitimate third-party integration wrapper than malware, but the intermediary credential/data flow makes it medium risk rather than benign.
Confidence: 85%
Severity: 52%
Audit Metadata