airtable

No explicit malicious code or obfuscated/backdoor behavior was found in the provided document. The principal risks are: (1) supply-chain risk from installing a global npm CLI without pinned versions or checksum verification, and (2) a centralized trust/delegation risk because all Airtable requests and credentials are proxied through Membrane. Operational risks include potential destructive actions if misused and lack of documented data retention/privacy controls. Recommend vetting @membranehq/cli package provenance, pinning versions, reviewing Membrane's security and privacy policies before use, and applying least-privilege controls and audit logging when performing destructive operations.