flipkart

SUSPICIOUS: The skill's purpose and capabilities mostly align, and the CLI comes from npm rather than an obviously untrusted source. The main concern is data-flow integrity: Flipkart access and authentication are routed through Membrane as an intermediary, so credentials/session handling and API traffic are not direct to the official service. This is not clearly malicious, but it creates medium trust and privacy risk that exceeds a simple first-party API integration.