wix

SUSPICIOUS. The skill’s capabilities broadly match its Wix eCommerce purpose, and the CLI install path is same-vendor and official via npm. However, all Wix auth and data access are routed through Membrane rather than direct Wix APIs, creating an intermediary trust boundary and credential/data exposure to a third party. This is disclosed and plausibly legitimate, but it is broader than a direct API integration and warrants caution.