composio-automation

SUSPICIOUS. The skill’s purpose is plausible, but its setup instructions are outdated and inconsistent with current official Composio documentation: deprecated endpoint, legacy tool names, and a misleading claim that no API key is needed. The main risk is remote MCP mediation of user data and actions through Composio/Rube-managed infrastructure, not confirmed malware.