raet

SUSPICIOUS: the skill is partly coherent as a Membrane-based Raet wrapper, but its real footprint is broader than a direct Raet integration. Install trust is moderate because the CLI comes from the official npm package, yet the skill forwards authentication and data through Membrane, uses mutable latest execution, and can create/run dynamic remote actions. This is not confirmed malware, but it has meaningful platform, credential-routing, and remote-execution risk.