pica

SUSPICIOUS: The skill's integration purpose broadly matches its capabilities, and the install source appears same-org and official via npm. However, the core design routes all connected-service actions through Pica's intermediary proxy instead of official platform APIs, exposes connection keys to the agent, and enables consequential external actions without clear per-action approval. The setup instructions also do not fully align with current official MCP documentation, increasing trust inconsistency.