linkedin-leads

SUSPICIOUS: the skill’s purpose and capabilities largely align, but it routes sensitive LinkedIn session-backed activity through a third-party Reduck bridge/MCP service and another skill, creating medium supply-chain and data-flow risk. No clear malware indicators or unrelated capabilities were found, but the cookie/session exposure and intermediary execution path are more trust than the stated task strictly needs.