discord-automation

SUSPICIOUS. The skill is purpose-aligned for Discord automation and uses an apparently official Composio/Rube MCP endpoint, so it does not look like confirmed malware. However, it enables high-impact external actions, routes Discord operations and auth through a third-party managed service, and contains a misleading 'no API keys needed' claim versus vendor docs, making the overall risk medium-high.