scrapingbot

SUSPICIOUS: The skill's purpose broadly matches web-scraping integration, and the CLI comes from an official npm package, so this is not clearly malicious. However, all ScrapingBot access and authentication are routed through Membrane as a third-party intermediary, and the skill uses mutable CLI execution paths plus remote action generation, creating medium trust and data-flow risk disproportionate to a simple API integration.