Security Audit

apex27-automation

github.com/ComposioHQ/awesome-claude-skills

AI SkillCommit 27904475d127

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

apex27-automation received a trust score of 78/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Potential Prompt Injection via `use_case` in `RUBE_SEARCH_TOOLS`, Undefined Scope and Potential for Arbitrary Execution in `RUBE_REMOTE_WORKBENCH`.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

70%

Behavioral Risk Signals

Shell Execution

1 finding

Dynamic Code

2 findings

Excessive Permissions

1 finding

Security Findings2

Severity	Finding	Layer	Location
HIGH	Potential Prompt Injection via `use_case` in `RUBE_SEARCH_TOOLS` The `RUBE_SEARCH_TOOLS` function takes a `use_case` parameter, which is expected to be filled by the LLM based on user input. A malicious user could craft a `use_case` string containing instructions intended to manipulate the Rube MCP system or the underlying Apex27 tools, potentially leading to unintended actions or information disclosure. This is a common prompt injection vector where user-controlled input is passed to a system that might interpret it as instructions. Implement robust input validation and sanitization for the `use_case` parameter. Ensure that the Rube MCP system and Apex27 tools treat this parameter strictly as descriptive text and do not interpret it as executable instructions or commands. Consider using a structured data format for `use_case` that limits the expressiveness of user input.	LLM	SKILL.md:40
HIGH	Undefined Scope and Potential for Arbitrary Execution in `RUBE_REMOTE_WORKBENCH` The `RUBE_REMOTE_WORKBENCH` tool is described as handling "Bulk ops" and using `run_composio_tool()`. The exact capabilities and security model of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()` are not detailed. If `run_composio_tool()` allows arbitrary tool calls, scripting, or code execution without proper sandboxing and input validation, it could lead to excessive permissions, command injection, or unintended actions. This generic "workbench" pattern often implies a powerful, potentially dangerous, interface if not strictly controlled. Provide clear documentation on the exact capabilities, input validation, and security sandbox of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. Ensure that `run_composio_tool()` is strictly limited to predefined, safe operations and does not allow arbitrary code execution or unconstrained access to system resources. Implement strong access controls and logging for its usage.	LLM	SKILL.md:80

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/74d4e3f64dea7bb0.svg)](https://skillshield.io/report/74d4e3f64dea7bb0)