github

SUSPICIOUS: the skill's capabilities mostly match its GitHub-management purpose, and the CLI comes from an official npm package tied to the same vendor. However, all auth and GitHub operations are routed through Membrane rather than directly to GitHub, which adds third-party credential/data exposure and broader trust than the description implies. This looks like a legitimate but medium-risk intermediary integration, not confirmed malware.