doppler

Warn

Audited by Socket on Apr 23, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS. The skill's core function is coherent with Doppler management, and the installer source is legitimate npm-based tooling from the same vendor ecosystem. However, the data flow is not direct Doppler integration: all authentication and API traffic are routed through Membrane, adding a third-party credential/data mediation layer that is broader than a typical service-specific skill. This is not confirmed malware, but it is a moderate security risk due to proxy-based access to secrets management data.

Confidence: 86%
Severity: 56%

Audit Metadata

Analyzed At: Apr 23, 2026, 12:55 AM
Package URL: pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fdoppler%2F@d5f7a647fda1bb1bd4f34f469385f36bbfd8eb92