sage-intacct

SUSPICIOUS. The skill's purpose broadly matches accounting integration, and install sources appear official and low-risk. However, there is a notable auth inconsistency (oauth2 metadata vs Basic auth in body), and the integration intentionally routes credentials and API traffic through Apideck as an intermediary, including a generic proxy path. That makes the footprint higher-risk than a direct Sage Intacct guide, but not fundamentally malicious.