Security Audit
agiled-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
agiled-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Excessive Permissions via RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Excessive Permissions via RUBE_REMOTE_WORKBENCH: The skill explicitly mentions `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. This suggests that the LLM agent can invoke a general-purpose 'workbench' environment to execute arbitrary Composio tools. If the Composio ecosystem includes tools with broad capabilities (e.g., filesystem access, network requests, arbitrary code execution), this grants the LLM agent excessive permissions, potentially leading to data exfiltration, command injection, or unauthorized system access. The scope of `run_composio_tool()` is not sufficiently constrained or clarified. Recommendation: Restrict the capabilities of `RUBE_REMOTE_WORKBENCH` to a predefined, safe set of operations. If `run_composio_tool()` can execute any Composio tool, consider removing this tool from the skill's available operations or implementing strict sandboxing and allow-listing for the tools it can invoke. Clearly document the exact scope and limitations of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. | Static | SKILL.md:70 |