coda-automation

SUSPICIOUS: The skill is largely purpose-aligned and uses an apparently official same-org Rube/Composio service, so it is not strong evidence of malware. However, it understates auth requirements and routes Coda credentials/data through a third-party intermediary with powerful write/share/publish capabilities, making it medium risk.