railz

SUSPICIOUS: the skill is internally coherent for a Membrane-published Railz integration, and its CLI install path is low-risk official npm distribution. However, its actual data flow routes sensitive Railz accounting access through Membrane’s intermediary proxy and account system instead of Railz’s official direct API, creating a meaningful third-party credential/data exposure that is disproportionate for a plain 'Railz integration' skill.