adversus

This skill is primarily documentation for using the Membrane CLI to integrate with Adversus. I found no embedded malicious code or hardcoded secrets in the skill text. The main supply-chain/security considerations are (1) the requirement to install and trust a third-party global CLI (@membranehq/cli) from the npm registry and (2) the design choice to route Adversus requests and credentials through Membrane's backend rather than calling Adversus directly. Both are legitimate design choices but concentrate trust in Membrane: if Membrane or its CLI were compromised, attackers could execute code via the CLI or access proxied requests and credentials. Recommend: verify the CLI package origin and publisher, install pinned versions where possible, audit the Membrane CLI code or review its repository, and consider threat model trade-offs before centralizing credentials to the proxy.