wistia

SUSPICIOUS: The skill's purpose and capabilities mostly align, and the CLI install source appears legitimate and publisher-consistent. However, the integration is not a direct Wistia client: authentication, credential refresh, and API traffic are routed through Membrane infrastructure, which adds a significant third-party trust and data-flow layer; combined with unpinned `@latest` usage, this makes the skill medium risk rather than benign.