Security Audit

apitemplate-io-automation

github.com/ComposioHQ/awesome-claude-skills

AI SkillCommit 99e2a2951545

TRUSTED

Scanned 6 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

apitemplate-io-automation received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.

SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Potential Command Injection via RUBE_REMOTE_WORKBENCH.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

93%

Behavioral Risk Signals

Shell Execution

1 finding

Dynamic Code

1 finding

Security Findings1

Severity	Finding	Layer	Location
MEDIUM	Potential Command Injection via RUBE_REMOTE_WORKBENCH The skill documentation mentions `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. The term 'Remote Workbench' and the function `run_composio_tool()` strongly suggest a capability for executing arbitrary code or commands within the Composio environment. If the `run_composio_tool()` function can be supplied with arbitrary code or commands by the LLM agent (e.g., through user input), it could lead to command injection, allowing unauthorized execution of commands on the remote system. The documentation does not provide examples or warnings about the safe use of this potentially powerful tool, which could be exploited by a malicious prompt or an unconstrained LLM agent. 1. Clarify the exact capabilities and limitations of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. 2. If it allows arbitrary code execution, implement strict sandboxing and input validation to prevent command injection. 3. Provide explicit warnings and guidance in the documentation on how to safely use this tool, emphasizing that it should only be used with trusted inputs. 4. Consider if such a powerful and less constrained tool is necessary for the skill's intended purpose, or if more constrained alternatives exist.	LLM	SKILL.md:59

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/bdc726b20502f542.svg)](https://skillshield.io/report/bdc726b20502f542)