moai-baas-railway-ext

Warn

Audited by Socket on Mar 1, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This skill is largely coherent with its stated purpose (Railway deployment automation). I found no direct malicious code, hardcoded attacker endpoints, or obfuscated payloads. The primary security concerns are supply-chain and credential-forwarding risks: the CI workflow installs a third-party CLI (@railway/cli) from the npm registry and uses a secret token to perform deployments, and the skill has broad tool permissions (Bash, WebFetch) plus auto-load behavior which increases risk if misused. These are legitimate patterns for deployment automation but raise moderate supply-chain/security risk and require standard mitigations (pin versions, restrict permissions, short-lived tokens, human review for auto-run behaviors).

Confidence: 75%
Severity: 75%
Audit Metadata

Analyzed At: Mar 1, 2026, 01:08 AM
Package URL: pkg:socket/skills-sh/ajbcoding%2Fclaude-skill-eval%2Fmoai-baas-railway-ext%2F@70575850222ed83c8bd8a14417a8d41705e4c1a3