railz

SUSPICIOUS: The skill’s capabilities mostly match its purpose, and the Membrane CLI install path is same-vendor and registry-based, not an obvious malware vector. However, the integration is not direct: authentication and Railz API access are mediated through Membrane’s platform and proxy, so sensitive accounting data and tokens flow through a third party beyond Railz itself. This is coherent with the documented architecture but creates moderate trust and data-flow risk, especially with an unpinned `@latest` CLI.