salesforce-automation

SUSPICIOUS: The skill’s stated Salesforce automation purpose matches its capabilities, but its actual trust boundary is a third-party MCP intermediary (Rube/Composio) rather than direct Salesforce API use. The main concern is credential and CRM data routing through that provider, plus slightly overstated setup claims about needing no API keys. This looks more like a legitimate but higher-trust managed integration than malware.