tradogram

SUSPICIOUS: The skill is mostly coherent with its stated purpose and uses an official npm-distributed CLI, so it does not look overtly malicious. However, it intermediates Tradogram authentication and data access through Membrane rather than official Tradogram endpoints, creating meaningful third-party credential and data-flow trust that is higher than a direct API integration.