Security Audit
baserow-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
baserow-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key finding: the skill promotes use of a powerful remote workbench tool.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Skill promotes use of powerful remote workbench tool | LLM | SKILL.md:80 |

Description: The skill explicitly instructs the LLM to use `RUBE_REMOTE_WORKBENCH` via `run_composio_tool()` for "Bulk ops". The naming alone ("workbench", "bulk ops", `run_composio_tool()`) suggests the capability to execute arbitrary code or highly privileged operations within the Composio ecosystem. If a malicious actor prompts the LLM into calling this tool with crafted inputs, the result could be command injection, unauthorized data manipulation, or other severe breaches that leverage the broad permissions of the underlying Rube MCP system. The skill itself does not contain the vulnerability; it exposes and encourages the use of a powerful tool that can be misused in the absence of LLM guardrails and tool-level sandboxing.

Recommendations: Implement strict input validation and sandboxing for `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()` to prevent arbitrary code execution or unintended operations. Document within the skill the exact capabilities and limitations of `RUBE_REMOTE_WORKBENCH`, emphasizing safe usage patterns and warning against executing untrusted code. Consider whether such a powerful tool should be exposed directly to an LLM at all without human-in-the-loop approval for sensitive operations.
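The recommendations above describe a policy gate between the LLM and the tool runtime: an allowlist of tool names, schema and size checks on every argument, and a human approval step for destructive or bulk operations. The block below is an added example written for this page; it is not SkillShield's code, not Composio's code, and not part of the audited skill. The `executor` callable stands in for `run_composio_tool()`, whose real signature is not shown on this page, and the tool slugs `BASEROW_LIST_ROWS`, `BASEROW_CREATE_ROW` and `BASEROW_DELETE_ROW`, the size caps and the argument schemas are illustrative assumptions. Anything not on the allowlist, including a generic workbench tool, is refused before the executor is ever reached.

```python
"""Policy gate for LLM-issued tool calls (added example, not the project's own code).

Assumptions (hypothetical, not taken from the audited skill):
- `executor(tool, args)` stands in for run_composio_tool(); the real signature is not shown here
- the BASEROW_* tool slugs, argument schemas and caps below are illustrative
"""
from dataclasses import dataclass, field
from typing import Any, Callable, Optional

MAX_BULK_ITEMS = 100   # constructed cap on items one call may touch
MAX_STRING_LEN = 2000  # constructed cap on any string argument

# Allowlist: tool slug -> (argument name -> expected type, needs human approval).
# Anything absent from this table, e.g. a generic remote workbench, is denied.
POLICY = {
    "BASEROW_LIST_ROWS":  ({"table_id": int, "page_size": int}, False),
    "BASEROW_CREATE_ROW": ({"table_id": int, "row": dict}, False),
    "BASEROW_DELETE_ROW": ({"table_id": int, "row_ids": list}, True),  # destructive
}


@dataclass
class Decision:
    action: str  # "allow", "deny" or "needs_approval"
    reason: str
    tool: str
    args: dict = field(default_factory=dict)


def _check_value(name: str, value: Any, depth: int = 0) -> Optional[str]:
    """Recursively reject oversized strings, oversized lists and deep nesting."""
    if depth > 4:
        return f"{name}: nesting too deep"
    if isinstance(value, str) and len(value) > MAX_STRING_LEN:
        return f"{name}: string exceeds {MAX_STRING_LEN} chars"
    if isinstance(value, dict):
        for k, v in value.items():
            err = _check_value(f"{name}.{k}", v, depth + 1)
            if err:
                return err
    if isinstance(value, list):
        if len(value) > MAX_BULK_ITEMS:
            return f"{name}: {len(value)} items exceeds bulk cap {MAX_BULK_ITEMS}"
        for i, v in enumerate(value):
            err = _check_value(f"{name}[{i}]", v, depth + 1)
            if err:
                return err
    return None


def evaluate(tool: str, args: dict) -> Decision:
    """Decide whether an LLM-proposed tool call may run, before anything executes."""
    if tool not in POLICY:
        return Decision("deny", "tool not on allowlist", tool, args)
    schema, needs_approval = POLICY[tool]
    unknown = set(args) - set(schema)
    if unknown:
        return Decision("deny", f"unexpected arguments: {sorted(unknown)}", tool, args)
    for name, typ in schema.items():
        if name not in args:
            return Decision("deny", f"missing argument: {name}", tool, args)
        # bool is a subclass of int in Python; reject it explicitly for int fields
        if not isinstance(args[name], typ) or isinstance(args[name], bool):
            return Decision("deny", f"{name}: expected {typ.__name__}", tool, args)
        err = _check_value(name, args[name])
        if err:
            return Decision("deny", err, tool, args)
    if needs_approval:
        return Decision("needs_approval", "destructive tool requires human approval", tool, args)
    return Decision("allow", "ok", tool, args)


def gated_call(tool: str, args: dict, executor: Callable[[str, dict], Any],
               approve: Callable[[Decision], bool] = lambda d: False):
    """Run `executor` only if policy allows, or if a human approver says yes."""
    decision = evaluate(tool, args)
    if decision.action == "needs_approval" and approve(decision):
        decision = Decision("allow", "approved by human", tool, args)
    if decision.action != "allow":
        return decision, None
    return decision, executor(tool, args)


if __name__ == "__main__":
    fake_executor = lambda t, a: f"executed {t}"  # stand-in for run_composio_tool()
    print(gated_call("BASEROW_LIST_ROWS", {"table_id": 7, "page_size": 25}, fake_executor))
    print(gated_call("RUBE_REMOTE_WORKBENCH", {"cmd": "rm -rf /"}, fake_executor))
    print(gated_call("BASEROW_DELETE_ROW", {"table_id": 7, "row_ids": [1, 2]}, fake_executor))
```

The gate runs before the executor rather than inside it, so a prompt-injected request cannot widen its own permissions: a tool that is not on the allowlist never reaches the runtime, an oversized batch is rejected with the offending argument named, and a destructive call returns `needs_approval` until an approver outside the LLM's control accepts it.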
Full report: https://skillshield.io/report/40fa6f35e22bf5e1
Powered by SkillShield