snatchbot

SUSPICIOUS. The skill’s purpose and commands are mostly coherent, and installation uses an official npm package rather than an unknown binary. However, all SnatchBot access and credential handling are routed through Membrane as an intermediary, not directly to SnatchBot, which creates medium trust and data-flow risk. This looks like a legitimate integration pattern with elevated third-party mediation risk, not confirmed malware.