Security Audit
bubble-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
bubble-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include "Broad Tool Execution Capabilities Documented".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Broad Tool Execution Capabilities Documented: The skill documentation describes the use of `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()`, which provides highly flexible and broad execution capabilities within the Bubble platform. While intended for 'Bulk ops', this tool allows for arbitrary execution of Composio tools. If the AI agent using this skill were compromised, this broad access could be leveraged to perform unauthorized or malicious operations on the connected Bubble instance, potentially leading to data manipulation, service disruption, or other security incidents. The skill itself does not grant these permissions, but it documents and encourages the use of a tool that possesses them, highlighting a significant attack surface if the agent's integrity is compromised. Ensure robust security measures are in place for the AI agent itself, including strong authentication, authorization, and input validation, to prevent misuse of powerful tools like `RUBE_REMOTE_WORKBENCH`. Implement strict monitoring and auditing of actions performed via this tool. Consider if the agent truly requires such broad, arbitrary execution capabilities or if more granular, specific tools could be used instead. | LLM | SKILL.md:68 |