hunter

SUSPICIOUS: The skill's capabilities broadly match its stated Hunter-integration purpose, and the CLI install path is from an official npm package rather than an unverifiable binary. The main concern is data-flow integrity: Hunter requests and authentication are routed through Membrane's intermediary service instead of directly to Hunter, expanding the trust boundary and placing credentials/data with a third-party platform. This is disclosed and product-consistent, so it is not malicious, but it is a medium-risk integration pattern rather than a low-risk direct API client.