zai-cli
Warn
Audited by Socket on Apr 4, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS. The purpose is coherent, but the trust model is not: a personal, unpinned npm CLI is positioned between the user and official Z.AI services and receives the user's Z.AI API key. This is not confirmed malware, but it is a significant supply-chain and credential-forwarding risk, amplified by broad shell permissions.
Confidence: 88%
Severity: 81%
Audit Metadata