Security Audit
dropbox-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
dropbox-automation received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Broad file sharing capabilities can lead to data exfiltration, Arbitrary URL fetching allows malware introduction or data exfiltration, External MCP dependency introduces supply chain risk.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Broad file sharing capabilities can lead to data exfiltration.** The skill exposes the `DROPBOX_CREATE_SHARED_LINK` tool, which allows the creation of public sharing links for any file or folder in the user's Dropbox. If the LLM is compromised or tricked by a malicious prompt, it could be coerced into making sensitive user data publicly accessible, leading to data exfiltration. This capability, while core to sharing, presents a significant risk if not carefully controlled. Implement strict guardrails and user confirmation for creating public shared links, especially for sensitive file paths. Consider limiting the `audience` parameter to `team` or `no_one` by default, or requiring explicit user approval for `public` visibility. | LLM | SKILL.md:180 |
| HIGH | **Arbitrary URL fetching allows malware introduction or data exfiltration.** The skill provides tools such as `DROPBOX_SAVE_URL` and `DROPBOX_GET_SHARED_LINK_FILE` that can fetch content from arbitrary external URLs. A malicious prompt could trick the LLM into downloading malware into the user's Dropbox account or fetching content from an attacker-controlled server. This could lead to data exfiltration (e.g., if the URL is a webhook designed to capture request metadata) or the introduction of malicious files into the user's cloud storage. Implement strict URL validation (e.g., allow-listing trusted domains) and user confirmation before fetching content from external URLs. Scan downloaded content for malware where possible. | LLM | SKILL.md:100 |
| MEDIUM | **External MCP dependency introduces supply chain risk.** The skill relies on an external 'Rube MCP' server (`https://rube.app/mcp`) for its core functionality. The security posture, integrity, and availability of this third-party service are critical to the skill's operation and overall security. A compromise of the Rube MCP could directly impact the security of the Dropbox automation skill, potentially leading to unauthorized access or manipulation of user data. Document the security practices and audit reports of the Rube MCP. Consider options for self-hosting or using a more transparent and auditable Managed Control Plane solution. Implement robust error handling and monitoring for all interactions with the external MCP. | LLM | SKILL.md:27 |
Full report: https://skillshield.io/report/da21c46564af06b2
Powered by SkillShield