aftership

This skill is a documentation/manifest for integrating AfterShip through the Membrane platform. The content is internally consistent: capabilities, install steps, and data flows align with the stated purpose. The primary security concerns are supply-chain and operational trust: installing the @membranehq/cli from npm and routing all API requests and credentials through the Membrane service centralizes trust and increases exposure if Membrane or its CLI were compromised. The skill text itself contains no direct malicious instructions, no credential-harvesting prompts, and no download-and-execute shell commands. Recommendation: treat this skill as acceptable for use only if you trust the Membrane provider and audit the CLI/package provenance; otherwise avoid installing global CLIs from unverified sources.