skillzrun

The SkillzRun integration is broadly coherent with its stated purpose: it uses Membrane as the authorized conduit to discover and execute SkillzRun actions, with credentials managed by Membrane and interactions routed through Membrane proxy. The footprint is proportionate and aligns with a developer-oriented integration pattern. Some minor risk signals include reliance on a CLI with potentially broad permissions and the absence of explicit per-action permission scoping in the documentation, but there are no evident credential Harvesting, unverifiable binaries, or autonomous destructive capabilities. Overall, the risk posture is Low-to-Medium and acceptable for a legitimate developer tool under the described workflow.