connect-apps

SUSPICIOUS: The skill's broad external-action purpose matches its capabilities, but it introduces a third-party plugin and intermediary routing layer that receives API keys/OAuth-backed authority to act across many services. The main concerns are transitive plugin installation, unclear verification of the exact install path, and real-world actions executed through Composio rather than direct official service integrations.