connect

SUSPICIOUS. The skill is broadly aligned with its stated purpose and uses MCP patterns documented by Anthropic, but it normalizes credential injection into third-party MCP servers and funnels unknown cases into unpinned npm/custom connector setup. No direct malware or explicit exfiltration is shown, yet the external connector trust model is under-specified enough to warrant medium risk.