announcekit

This is a documentation/skill descriptor that tells users to install and use the Membrane CLI to integrate with AnnounceKit. There is no executable malicious code in the file itself. The primary security considerations are (1) supply-chain risk from unpinned global npm installation of @membranehq/cli, and (2) centralized credential and data flow through Membrane's proxy (which requires trusting Membrane not to exfiltrate or mishandle data). If users trust Membrane and obtain the CLI from the official npm package, the skill's behavior is consistent with its stated purpose. Review and audit of the Membrane CLI and account permissions are recommended before use.