Security Audit
d2lbrightspace-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
d2lbrightspace-automation received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Skill instructs use of highly privileged RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Skill instructs use of highly privileged RUBE_REMOTE_WORKBENCH The skill's quick reference section explicitly lists `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. This indicates the agent is expected to use a tool that can execute arbitrary Composio tools. This capability grants very broad permissions and could lead to unintended or malicious operations if the agent is compromised or given misleading instructions. While this might be intended functionality for advanced operations, it represents a high-privilege capability that should be used with caution. Consider if `RUBE_REMOTE_WORKBENCH` is strictly necessary for the skill's core functionality, or if its use can be more narrowly scoped. If it is necessary, ensure robust guardrails are in place for the agent's use of this powerful tool, and clearly document its broad capabilities and potential risks to users. | LLM | SKILL.md:62 |
Scan History
Embed Code
[](https://skillshield.io/report/aa8f8ca934329bd3)
Powered by SkillShield