Security Audit
botsonic-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
botsonic-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad tool access to external systems via Rube MCP.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Broad tool access to external systems via Rube MCP The skill enables the LLM to discover and execute any available Botsonic operation via `RUBE_SEARCH_TOOLS` and `RUBE_MULTI_EXECUTE_TOOL`. This grants broad access to the connected Botsonic account's functionalities, including potentially sensitive or destructive actions, without explicit constraints within the skill definition. Furthermore, the `RUBE_REMOTE_WORKBENCH` tool is mentioned, which, with `run_composio_tool()`, suggests the ability to execute any Composio tool, potentially extending access beyond Botsonic and to other connected systems. Implement stricter access controls or require human approval for sensitive operations. Consider defining a more granular set of allowed Botsonic tools or operations within the skill's scope, rather than allowing execution of *any* discovered tool. For `RUBE_REMOTE_WORKBENCH`, clarify its scope and potential impact and consider if it's truly necessary for a 'botsonic-automation' skill. | LLM | SKILL.md:48 |
Scan History
Embed Code
[](https://skillshield.io/report/197d13a8aa0bf792)
Powered by SkillShield