api-gateway

SUSPICIOUS: the skill's stated purpose matches its behavior, and install trust is relatively clean, but its core model routes sensitive API traffic for many external services through Maton-managed proxy endpoints instead of official vendor APIs. That centralized intermediary access, plus documented request/response retention for debugging, makes the data flow materially higher risk than a direct-service integration skill.