zephyr-essential-cloud

SUSPICIOUS: The skill's purpose and capabilities are mostly aligned, and the CLI install source appears legitimate via official npm/docs. The main risk is that all authentication and Zephyr data access are mediated by Membrane rather than direct SmartBear APIs, creating a third-party credential and data trust dependency. No evidence of overt malware, hidden exfiltration endpoint, or deceptive installer was found.