web-reader

SUSPICIOUS: The skill’s capabilities mostly fit its stated web-reading purpose, and the visible network flow appears to target Z.AI web-reader functionality rather than an obvious exfiltration endpoint. The main concern is install/execution trust: the exact `z-ai-web-dev-sdk` package provenance is not clearly verified from official documentation, while the skill routes arbitrary external web content through a backend SDK/CLI and encourages downstream processing of untrusted content, creating medium supply-chain and prompt-injection risk.