wistia

SUSPICIOUS. The skill is broadly coherent as a Wistia integration, and its CLI comes from an official npm package rather than an unknown binary. The main concern is data-flow integrity: all auth and API traffic is routed through Membrane as an intermediary, plus the install/run steps use unpinned `@latest` versions. That makes it higher risk than a direct Wistia integration, but not fundamentally incompatible with the stated purpose.