cody

Warn

Audited by Socket on Apr 22, 2026

1 alert found:

Anomaly: LOW
SKILL.md

SUSPICIOUS: The skill is broadly consistent with an integration purpose, but it routes Cody access through Membrane instead of an official Cody toolchain, creating an intermediary trust and data-flow boundary. The npm install source is legitimate and not inherently malicious, so this is not confirmed malware, but the third-party CLI, delegated auth, and mutable install make it a medium-risk skill.

Confidence: 83%
Severity: 58%

Audit Metadata

Analyzed At: Apr 22, 2026, 01:16 PM
Package URL: pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fcody%2F@c8242a9eaaec8ba6210228c887ce398cd7540491