abyssale

This skill is functionally coherent: it documents using the Membrane CLI to manage Abyssale connections and proxy requests. There are no signs of covert credential harvesting, obfuscated code, direct download-and-execute instructions, or instructions to post secrets to attacker endpoints. The primary security considerations are (1) trust in the Membrane service because it centralizes credentials and proxies API traffic, and (2) the usual supply-chain risk of installing a global CLI from npm. If the operator trusts Membrane and installs the official @membranehq/cli package, this skill's footprint is proportionate to its purpose and presents moderate but expected supply-chain risk rather than malicious behavior.