Security Audit
abyssale-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
abyssale-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Broad API Access via Integration Tool.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | Broad API Access via Integration Tool The skill provides broad access to Abyssale operations through the `RUBE_MULTI_EXECUTE_TOOL`. This allows the LLM to potentially execute any Abyssale API call that the connected account has permissions for. While this is the intended functionality of an integration skill, users should be aware that granting this skill access effectively grants the LLM the ability to perform a wide range of actions within their Abyssale account. The scope of these actions is determined by the Abyssale account's permissions, not restricted by the skill itself beyond being 'Abyssale operations'. Users should ensure that the Abyssale account connected to Rube MCP has the principle of least privilege applied, granting only the necessary permissions for the intended tasks. Skill developers should consider if more granular control or explicit permission requests for specific Abyssale operations are feasible. | LLM | SKILL.md:56 |
Scan History
Embed Code
[](https://skillshield.io/report/ae3d2311511988fa)
Powered by SkillShield