alibaba-cloud

SUSPICIOUS: the skill is coherent as an Alibaba Cloud integration, and the CLI source appears legitimately tied to Membrane, so this is not strong malware evidence. However, it routes authentication and API traffic through Membrane rather than direct Alibaba tooling, creating meaningful third-party credential and data-flow risk, with broad cloud-management capability and unpinned latest CLI install.