zoho-catalyst

SUSPICIOUS: The skill is coherent and uses same-org, official-looking npm distribution, so it is not overtly malicious. However, all Zoho authentication and API traffic are funneled through Membrane as a third-party intermediary, which creates medium data-flow and trust risk that exceeds a direct Zoho integration.