zoho-forms

SUSPICIOUS: The skill’s overall purpose and capabilities mostly align, and the CLI install path appears legitimate via official npm scope. However, the integration routes authentication and API traffic through Membrane as an intermediary rather than directly to Zoho Forms, increasing trust and data-flow exposure beyond a simple Zoho skill. This is not confirmed malware, but it carries medium security risk due to third-party credential/data mediation and unpinned CLI installation.