replicated

SUSPICIOUS: the skill is internally coherent as a Membrane-based integration, and its CLI install path is from an official npm package, but it routes Replicated access, authentication, and workflow execution through Membrane rather than Replicated's official APIs/tools. That third-party intermediary model is the main risk; this looks more like a managed gateway skill than direct Replicated access, so users should understand their data and auth context are handled by Membrane.