punchh
Warn
Audited by Socket on May 1, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS. The skill's stated purpose matches its capabilities, and the CLI install path appears officially documented via npm, so this is not outright malicious. However, the skill routes Punchh access and credentials through Membrane rather than the official Punchh API directly, creating a third-party credential/data intermediary and a moderate trust boundary; combined with mutable `@latest` CLI installation, this makes the overall risk medium.
Confidence: 86%
Severity: 57%
Audit Metadata