LaunchDarkly Automation

SUSPICIOUS. The skill is broadly aligned with its stated LaunchDarkly automation purpose, and the Composio/Rube endpoint appears to be same-org documented infrastructure rather than an obvious rogue installer. The main risk is architectural: LaunchDarkly credentials and management actions are routed through a third-party MCP intermediary, and the skill can create or delete operational trigger workflows with real-world effect. This is not confirmed malware, but it carries medium security risk and should be used only with clear user approval and scoped credentials.