zooz

SUSPICIOUS. The skill is internally coherent and not overtly malicious, but it routes ZOOZ access, credentials, and action execution through Membrane rather than directly to ZOOZ. That third-party broker model is disclosed and proportionate to the skill’s purpose, so this is not malware; however, the indirect data flow, server-side credential handling, mutable @latest CLI install, and potential payment-impacting actions make it medium risk.