outlook-automation

SUSPICIOUS: the skill's capabilities match its Outlook automation purpose, and the endpoint appears to be the publisher's official Rube/Composio service, so this is not confirmed malware. However, all mailbox/calendar/contact access and OAuth delegation flow through a third-party MCP gateway, which is a significant trust and data-handling risk compared with direct Microsoft API use.