whautomate-automation

SUSPICIOUS. The skill's purpose and capabilities are broadly aligned, but it routes discovery, auth, and execution through Composio's hosted MCP instead of directly to Whautomate, creating third-party data-flow and credential-handling risk. This looks like a legitimate integration pattern rather than confirmed malware, but the hosted intermediary model, inconsistent auth messaging, and remote schema dependence make it medium risk.