roompricegenie

SUSPICIOUS. The skill is coherent as a Membrane-based RoomPriceGenie integration, and the CLI install path is official npm rather than an unverifiable binary. However, it routes authentication and app access through Membrane instead of the official RoomPriceGenie API, expanding trust and exposing user data/credentials to an intermediary platform; combined with an unpinned global @latest install, this makes the skill medium risk rather than benign.