scrapin-io

The skill is mostly coherent with its stated purpose, and the install path appears to use an official same-org npm package rather than a suspicious binary. The main risk is architectural: it routes authentication and API traffic through Membrane instead of directly to Scrapin.io, creating moderate credential-forwarding and intermediary data-flow risk. Overall this is better classified as suspicious-by-design rather than malicious.