airslate

Warn

Audited by Socket on Mar 4, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This skill is a documentation/integration descriptor that routes Airslate operations through the Membrane CLI and Membrane backend. There is no explicit malicious code, no curl|bash or remote-execute patterns, and no attempts to read local credential files. The primary risk is architectural: Membrane acts as a proxy that will receive credentials, request payloads, and responses. If users or organizations do not trust Membrane as a third-party intermediary, this is a significant privacy/credential risk. Installing the third-party CLI from npm is a standard supply-chain vector and should be treated with normal npm trust practices (pin versions, review package, run in least-privileged contexts). Overall, I assess low likelihood of explicit malware but a moderate security risk due to credential/data forwarding to a third party.

Confidence: 75%
Severity: 75%

Audit Metadata

Analyzed At: Mar 4, 2026, 08:56 AM
Package URL: pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fairslate%2F@74c71c6d170c9406e943d34dd601d2e4725e6c39