snapshot

SUSPICIOUS: The skill is mostly coherent as a Membrane-based SnapShot connector and uses an official npm package, so it does not show clear malware traits. However, all service access and credential handling are routed through Membrane's intermediary CLI/proxy rather than directly to SnapShot, which creates a meaningful data-flow and trust expansion that is only partially reflected in the skill's stated purpose.