affinity-automation
Warn
Audited by Socket on Jun 24, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill is mostly aligned with its stated purpose and shows same-org provenance for Composio/Rube, but it routes Affinity access and workflow data through a third-party MCP intermediary and has notable documentation/setup inconsistencies. No direct malware indicators, obfuscation, credential-file theft, or unsafe installers were found.
Confidence: 82%Severity: 56%
Audit Metadata