cloudflare-r2

SUSPICIOUS. The skill is coherent in function, and the CLI source appears same-vendor and registry-hosted, so this is not confirmed malware. However, it presents a Cloudflare R2 integration while routing authentication, action execution, and data through Membrane as a third-party intermediary rather than Cloudflare's official API, with mutable `@latest` installs adding supply-chain risk.