secure-code-warrior

SUSPICIOUS: the skill is mostly coherent as a Membrane-powered Secure Code Warrior integration, and the CLI install path is official npm rather than a rogue binary. However, it routes authentication and data access through Membrane as an intermediary, uses mutable `@latest` execution, and has an implausibly overbroad description that exceeds a clear Secure Code Warrior scope. This is not confirmed malware, but it carries moderate trust and data-routing risk.