swell

SUSPICIOUS: the skill’s stated purpose matches its capabilities, and the CLI provenance appears legitimate via official npm/org branding. However, the actual data flow is through Membrane as a third-party intermediary rather than directly to Swell, and the skill encourages exclusive use of that intermediary while using unpinned `@latest` CLI installs. This is not clearly malicious, but it introduces medium security risk through credential/data forwarding and mutable dependency execution.