zephyr-scale
Warn
Audited by Socket on Mar 13, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS. The skill’s capabilities broadly match its stated Zephyr Scale purpose, and the CLI install appears to be an official same-vendor npm package rather than an obvious malicious payload. The main concern is data-flow integrity: all authentication and API traffic are brokered through Membrane instead of direct SmartBear endpoints, giving a third-party platform access to Zephyr data and potentially tokens. This is not confirmed malware, but it is a meaningful trust and privacy risk that elevates the skill above benign.
Confidence: 88%
Severity: 58%