Security Audit
deepgram-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
deepgram-automation received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Unversioned External Service Dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Unversioned External Service Dependency The skill relies on the 'rube' MCP service, explicitly referencing the endpoint 'https://rube.app/mcp'. This external dependency is not versioned, meaning that changes to the service's behavior, API, or underlying code could be introduced by the service provider without explicit control or awareness from the skill, potentially leading to unexpected behavior, vulnerabilities, or breaking changes. This constitutes a supply chain risk as the skill's functionality and security are tied to an unpinned external resource. Implement versioning for the external MCP service endpoint, or establish mechanisms to monitor and validate the service's integrity and behavior before use. If versioning is not supported by the service, consider alternative integration methods or robust input/output validation to mitigate risks from unexpected changes. | LLM | SKILL.md:15 |
Scan History
Embed Code
[](https://skillshield.io/report/e4956148bf5520df)
Powered by SkillShield