postmark-automation

SUSPICIOUS. The skill’s Postmark capabilities match its stated purpose, and the Rube/Composio relationship appears official, so this is not overtly malicious. Risk comes from routing sensitive email operations and Postmark authentication through a hosted intermediary, outdated auth claims, and enabling autonomous outbound email/server changes without explicit approval controls.