synctx-mcp

SUSPICIOUS. The skill’s stated purpose matches collaboration and deal orchestration, but its actual footprint is high risk: it forwards reusable auth credentials to an unspecified MCP service, ingests untrusted external content, and authorizes autonomous financial blockchain actions including token approvals and settlement steps. The biggest issue is not obvious malware, but an under-specified trust boundary combined with pre-authorized real-world transactions.