zephyr-squad-legacy

Warn

Audited by Socket on May 1, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS: The skill’s purpose and capabilities are mostly aligned, and the CLI install source is official and same-org, so this is not malware-like. The main risk is architectural: all Zephyr access and auth are funneled through Membrane as a third-party intermediary rather than direct SmartBear APIs, and the skill encourages dynamic remote action creation. That makes the footprint broader and less direct than a simple Zephyr integration, yielding moderate security risk but not confirmed malicious behavior.

Confidence: 88%
Severity: 53%

Audit Metadata

Analyzed At: May 1, 2026, 01:13 PM
Package URL: pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fzephyr-squad-legacy%2F@966e38f6aa42ac433f99edd549eef6d8e733e0f1