crezco

SUSPICIOUS: The skill is broadly coherent for a Membrane-based Crezco integration, and the CLI install path is from an official registry rather than an unknown binary source. However, all Crezco access, authentication, and action execution are funneled through Membrane as an intermediary instead of direct Crezco APIs, which expands trust and data exposure; combined with a mutable `@latest` install and possible financial-action capability, this makes the skill medium risk rather than clearly benign.