keyapi-linkedin-user-analytics

SUSPICIOUS. The skill is internally coherent for LinkedIn intelligence gathering and does not show classic malware patterns or deceptive installers, but it routes all activity and the API token through a third-party hosted MCP gateway instead of official LinkedIn APIs, and it stores potentially sensitive profile/contact data locally. Main risk is intermediary trust and privacy exposure, not confirmed malicious intent.