ecologi

SUSPICIOUS: the skill’s purpose and capabilities mostly align, and the CLI install source appears official, but the integration is mediated through Membrane rather than direct Ecologi endpoints, so credentials and data are entrusted to a third-party platform. The presence of purchase actions adds real-world action risk. Not malware, but medium security risk due to third-party credential routing, mutable CLI install, and transaction capability.