app-studio-build

SUSPICIOUS: the workflow is coherent for building Domo App Studio assets, but its entire footprint depends on an unverified external CLI that likely handles Domo credentials and performs privileged tenant mutations. There is no clear evidence of malicious exfiltration, yet the unresolved provenance of community-domo-cli makes the install/execution trust and credential-forwarding risk high.