linkedin-automation

Overall, the skill appears Benign with elevated Suspicious signals due to the dependency on an external MCP server for tool schemas and the handling of OAuth tokens/URNs across multiple LinkedIn actions. No explicit payloads or unverifiable binaries are evident, but the external dependency and credential flows warrant careful review of token handling, scope management, and explicit user consent controls for automated actions. Recommend ensuring explicit per-action user approvals or clearly defined automation boundaries, validate MCP trustworthiness, and implement secure token storage and minimum necessary scopes.