trello-automation

SUSPICIOUS: The skill's Trello automation purpose matches its capabilities, but all access and auth are routed through the third-party Rube/Composio MCP service instead of direct Trello APIs. That intermediary model creates medium risk around data handling and autonomous external actions, though there is no evidence of overt malware or unrelated credential theft.