Security Audit
bitwarden-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
bitwarden-automation received a trust score of 81/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Broad Access to Bitwarden Operations and Unversioned External Dependency (Rube MCP/Composio Toolkit).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Broad Access to Bitwarden Operations. The skill provides the LLM with the capability to execute any Bitwarden operation exposed by the Rube MCP toolkit, including potentially sensitive actions like retrieving, creating, updating, or deleting vault items. While necessary for the skill's functionality, this grants significant control over the user's password manager. A compromised LLM or malicious prompt could exploit this to exfiltrate sensitive data, modify vault contents, or perform other unauthorized actions. Implement fine-grained access controls or approval mechanisms for highly sensitive Bitwarden operations. Consider adding user confirmation steps for destructive or data-exfiltrating actions. Ensure the LLM's internal reasoning and prompt handling are robust against manipulation when interacting with such powerful tools. | LLM | SKILL.md:48 |
| MEDIUM | Unversioned External Dependency (Rube MCP/Composio Toolkit). The skill explicitly depends on 'Rube MCP' and the 'Composio Bitwarden toolkit' (`requires: {"mcp": ["rube"]}`). The skill does not specify a version for these external components, nor does it provide a mechanism to verify their integrity. This introduces a supply chain risk: if the Rube MCP platform or the Composio Bitwarden toolkit were compromised or introduced malicious functionality, the security of this skill would be directly affected. If possible, specify exact versions or hashes for external dependencies to ensure deterministic behavior and prevent unexpected changes. Regularly audit the security of third-party platforms and toolkits. | LLM | SKILL.md:1 |