Security Audit
baselinker-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
baselinker-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. The key finding is "`RUBE_REMOTE_WORKBENCH` grants excessive permissions".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | `RUBE_REMOTE_WORKBENCH` grants excessive permissions. The skill documentation explicitly mentions `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. This tool, especially if `run_composio_tool()` allows arbitrary code execution or highly privileged operations within the Rube environment, grants excessive permissions to the LLM. An attacker could potentially prompt the LLM to use this tool to execute malicious code or perform unauthorized actions beyond the scope of typical Baselinker operations, effectively leading to command injection or data exfiltration. Clarify the exact capabilities and limitations of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. If it allows arbitrary code execution, consider removing it from the exposed tools or implementing strict sandboxing and input validation. Ensure that the LLM's access to this tool is carefully controlled and monitored, and that its use is restricted to predefined, safe operations. | LLM | SKILL.md:79 |