snapscan

SUSPICIOUS: the skill is mostly coherent with its stated purpose and uses an official npm-distributed Membrane CLI, but it introduces a meaningful trust expansion by routing SnapScan authentication and API traffic through Membrane and can enable real-world payment-related actions. This is not confirmed malware, but it carries medium risk due to intermediary credential/data handling and financial-action potential.