zyte-api

SUSPICIOUS. The skill is not overtly malicious and uses a verifiable npm-hosted CLI from the apparent publisher ecosystem, but its true function is a Membrane-mediated Zyte integration rather than direct Zyte API access. The main risk is third-party credential/data routing through Membrane plus an unpinned CLI install, making this a medium-risk skill with coherent purpose but expanded trust boundaries.