bidsketch-automation

SUSPICIOUS: The skill's purpose and capabilities mostly align, and the MCP endpoint appears to be official Composio infrastructure. The main concern is data-flow integrity: Bidsketch operations and authenticated access are funneled through Composio/Rube rather than directly to Bidsketch, which introduces intermediary visibility and broader trust requirements. This is not confirmed malware, but it carries moderate security risk due to third-party mediation of account actions and data.