shipworks

SUSPICIOUS: The skill is mostly coherent and uses an official same-brand npm CLI, so it is not overtly malicious. The main risk is architectural: ShipWorks access and credentials are mediated through Membrane’s proxy/service instead of directly to ShipWorks, creating a moderate third-party data-handling and credential-forwarding concern, plus minor supply-chain risk from unpinned `npx @latest` usage.