serverless

SUSPICIOUS. The install source is coherent and official enough for low supply-chain concern, but the skill's core behavior routes authentication and API traffic through Membrane rather than directly to official Serverless interfaces. That third-party intermediary model and broader-than-stated connection scope make the skill internally inconsistent with a narrowly framed Serverless integration, though not clearly malicious.