apify

SUSPICIOUS. The skill is broadly aligned with its stated purpose and uses a plausible official npm-distributed CLI, so it does not look malicious. However, it routes Apify authentication and API traffic through Membrane as an intermediary, expanding trust and data exposure beyond Apify’s native direct API model; that makes the skill medium risk rather than benign.