aylien-news-api

SUSPICIOUS: the skill’s high-level purpose fits a news API integration, and the npm-based CLI install is not inherently malicious. But the actual data and credential flow is redirected through Membrane rather than official AYLIEN endpoints, and the docs contain a News API vs Text API mismatch. This is best classified as suspicious due to third-party credential/data mediation and moderate install-trust uncertainty, not confirmed malware.