Security Audit
doppler-marketing-automation-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
doppler-marketing-automation-automation received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include Downstream Prompt Injection via 'use_case' parameter, Broad Tool Execution Capabilities, Supply Chain Risk from External MCP Dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Supply Chain Risk from External MCP Dependency The skill has a fundamental dependency on the 'rube' MCP (Managed Control Plane), as indicated in the manifest (`'mcp': ['rube']`) and the skill's setup instructions (`https://rube.app/mcp`). This introduces a significant supply chain risk. The security and integrity of the `rube.app` platform are critical. If the Rube MCP itself were compromised or became malicious, it could directly impact the security of all operations performed by this skill, potentially leading to data breaches, unauthorized actions, or system manipulation within Doppler Marketing Automation. Thoroughly vet and continuously monitor third-party MCPs and external dependencies. Implement robust mechanisms for integrity verification of MCP interactions. Consider sandboxing or isolating interactions with external services to limit the blast radius of a potential compromise. Establish clear trust boundaries and fallback mechanisms. | Static | SKILL.md:20 | |
| MEDIUM | Downstream Prompt Injection via 'use_case' parameter The skill instructs the agent to use `RUBE_SEARCH_TOOLS` with a `use_case` parameter, which is a natural language string (e.g., 'your specific Doppler Marketing Automation task'). This parameter is likely processed by an LLM within the Rube MCP system to interpret the user's intent. If an attacker can control the input to this `use_case` field, they could attempt to inject malicious prompts into the Rube MCP's internal LLM, potentially leading to unintended tool selections or actions within the Rube system. Implement robust input sanitization and validation for all natural language inputs passed to downstream LLMs. Consider using structured data or constrained natural language interfaces where possible. The Rube MCP should employ strong prompt injection defenses for its internal LLMs. | LLM | SKILL.md:30 | |
| MEDIUM | Broad Tool Execution Capabilities The skill describes the use of `RUBE_MULTI_EXECUTE_TOOL` and `RUBE_REMOTE_WORKBENCH` which allow the agent to execute a wide range of operations within Doppler Marketing Automation. While the skill advises dynamic discovery via `RUBE_SEARCH_TOOLS`, the underlying capability grants broad access to the target system's functionalities. If the agent's decision-making process is compromised or misinterprets user intent, it could lead to unauthorized or destructive actions within the Doppler Marketing Automation platform. This represents an inherent risk of powerful automation tools. Implement strict access controls and least privilege principles for the agent using this skill. Ensure human oversight or approval for sensitive operations. The agent's reasoning process should be auditable, and its ability to select and execute tools should be carefully constrained based on user permissions and context. | Static | SKILL.md:50 |
Scan History
Embed Code
[](https://skillshield.io/report/5b873692d1c83c3c)
Powered by SkillShield