tellmoney

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill requires fetching and running the external Membrane CLI package (installed/run via "npm install -g @membranehq/cli@latest" and "npx @membranehq/cli@latest ..."), which downloads and executes remote code at runtime and is a required dependency for the skill.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is a dedicated Tell.money integration — a financial data aggregation platform — and explicitly lists financial action types such as "Payment Request" and "Payment Order". It instructs the agent to create/connect a Tell.money connection via the Membrane CLI and to discover and run actions (membrane action run ... --input '{"key":"value"}') against that connection. Because Membrane builds and executes connector actions and the skill surface includes actions that represent payment orders/requests (i.e., sending transactions), this is a specific tool intended to perform financial operations (not merely a generic browser or HTTP tool). Therefore it grants direct financial execution capability.