skills/sickn33/antigravity-awesome-skills/clickup-automation/Socket

clickup-automation

Warn

Audited by Socket on Apr 17, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: The skill's capabilities are broadly aligned with ClickUp automation, but its data flows are mediated through Composio's hosted Rube MCP rather than directly to ClickUp. That third-party routing is disclosed and appears same-org/legitimate, so this is not confirmed malware; however it materially expands trust and gives an intermediary access to ClickUp data and action execution, making overall risk medium.

Confidence: 88%Severity: 62%

Audit Metadata

Analyzed At

Apr 17, 2026, 08:24 PM

Package URL

pkg:socket/skills-sh/sickn33%2Fantigravity-awesome-skills%2Fclickup-automation%2F@8314de7a55c22f775e343df0763a0425ff8ea773