basecamp-automation

SUSPICIOUS: the skill’s Basecamp automation purpose is coherent, but it routes sensitive Basecamp operations and OAuth-backed access through Composio/Rube instead of official Basecamp endpoints. Same-org evidence reduces malware concern, yet the third-party mediation, inconsistent auth claims, and ability to post content or change project membership make this a high-impact, medium-to-high security risk skill.