vercel-automation

SUSPICIOUS: The skill’s capabilities broadly match its Vercel automation purpose, and the MCP endpoint appears to be an official Composio/Rube service rather than an unknown installer. However, it routes all Vercel access through a third-party hosted MCP, enables high-impact write operations, and includes setup guidance that is outdated/incomplete about current API-key requirements. This looks like a legitimate but medium-risk proxy integration, not confirmed malware.