wirewheel

SUSPICIOUS: The skill’s purpose and capabilities mostly align, and install instructions use an official npm package rather than an unverifiable binary. The main concern is data-flow integrity: WireWheel access and authentication are mediated through Membrane, a third-party platform/CLI, with mutable `@latest` installs and proxy-based API access. This is not clearly malicious, but it introduces medium trust and privacy risk beyond a direct WireWheel integration.