Attio Apikey

This skill's code and runtime instructions match its stated purpose (direct Attio API CRUD using an ATTIO_API_KEY); the main issue is a small metadata inconsistency in the registry manifest about required environment variables.

This skill appears to do exactly what it claims: it needs an ATTIO_API_KEY and uses it to call api.attio.com for CRUD operations. Before installing: 1) Note the registry metadata omission — the skill does require ATTIO_API_KEY (set as env var or in a .env placed alongside the script). 2) Create a dedicated Attio API key with the minimal permissions needed (read/write only if you need writes) and avoid using an account-wide key. 3) Run the skill in a controlled environment or sandbox if possible and monitor API usage. 4) Inspect or run the included attio_client.py yourself (it’s small and readable); there are no hidden endpoints in the provided code. 5) Rotate the key if it’s exposed and revoke it if unexpected activity appears.