Security Audit
coassemble-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
coassemble-automation received a trust score of 100/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 0 low severity. Key findings include Broad Tool Access via Rube MCP.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| INFO | Broad Tool Access via Rube MCP The skill leverages Rube MCP, specifically mentioning `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. This implies that the LLM, when using this skill, gains the ability to execute a wide range of Composio tools available through the Rube MCP. While this is the intended functionality of integrating with Rube, it represents a broad scope of tool access for the LLM. Users should be aware that enabling this skill grants the LLM significant capabilities to interact with various Composio tools, which could have implications depending on the permissions configured for the Rube MCP and the underlying Composio tools. Ensure that the Rube MCP environment and the Composio tools it can access are configured with the principle of least privilege. Users should understand the full scope of actions the LLM can perform when using this skill and the underlying Rube MCP. | LLM | SKILL.md:77 |
Scan History
Embed Code
[](https://skillshield.io/report/e6a04656f9508b4d)
Powered by SkillShield