Security Audit
cdr-platform-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
cdr-platform-automation received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Broad Access to Cdr Platform Operations.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Broad Access to Cdr Platform Operations The skill provides the LLM with broad access to 'Automate Cdr Platform operations' through tools like `RUBE_MULTI_EXECUTE_TOOL` and `RUBE_REMOTE_WORKBENCH`. These tools allow the execution of any discovered tool within the `cdr_platform` toolkit. This means the LLM, when using this skill, can potentially perform any action that the connected Cdr Platform account has permissions for, without explicit granular control defined within the skill's description. This broad access increases the risk of unintended or malicious actions if the LLM is compromised or misinterprets instructions. Implement granular access control within the Cdr Platform toolkit or the Rube MCP to limit the scope of operations an LLM can perform. Consider requiring human approval for sensitive Cdr Platform actions. Design the skill to expose only the minimum necessary tools or operations for specific use cases, rather than a general 'execute any tool' interface. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/373932333767be10)
Powered by SkillShield