insites

SUSPICIOUS: the skill is broadly coherent with its stated purpose and uses an official npm-distributed CLI, so it does not show clear malicious intent. However, it routes all Insites access through Membrane’s intermediary service and grants the agent broad authenticated read/write API capability, creating moderate trust and data-flow risk beyond a direct official API integration.