ably-automation

SUSPICIOUS: The skill's purpose and capabilities mostly align, and the Rube endpoint appears to be an official Composio service. However, it mediates Ably actions and auth through a third-party hosted MCP layer rather than direct Ably APIs, and the 'no API keys needed' phrasing is potentially misleading because credentials are still handled via managed connection flow. This is not confirmed malware, but it carries moderate trust and credential-forwarding risk.