Security Audit
gender-api-automation
Source: github.com/ComposioHQ/awesome-claude-skills

Trust Assessment
gender-api-automation received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 2 high, 0 medium, and 0 low severity. The findings are Potential Command Injection via Remote Workbench (critical), Excessive Permissions: LLM can manage external connections (high), and Supply Chain Risk: Unvetted External MCP Dependency (high).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100; all three findings come from that layer.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Potential Command Injection via Remote Workbench.** The skill exposes `RUBE_REMOTE_WORKBENCH` together with `run_composio_tool()`. The name suggests an environment that can execute arbitrary code or commands, and `run_composio_tool()` implies the ability to run external tools; the finding is inferred from these names rather than from observed behaviour. Without documented sandboxing or restrictions, an attacker who can influence the model's prompt could execute arbitrary code on the host system or on connected services. Recommendation: clarify the exact capabilities and security model of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`; if arbitrary execution is possible, remove it or confine it with strict sandboxing and input validation, and document how the tool is protected against command injection. | LLM | SKILL.md:60 |
| HIGH | **Excessive Permissions: LLM can manage external connections.** `RUBE_MANAGE_CONNECTIONS` lets the LLM create, modify, and delete connections to external services such as the Gender API. A malicious prompt could use it to establish unauthorized connections, redirect existing ones to exfiltrate data, or reach sensitive systems by manipulating authentication details. Recommendation: pre-configure connections under human administration rather than letting the LLM initiate or modify them; if the LLM must manage connections, require an explicit approval step per change, narrow the scope of what it can manage, and never expose credentials to the LLM. | LLM | SKILL.md:20 |
| HIGH | **Supply Chain Risk: Unvetted External MCP Dependency.** The skill depends entirely on a third-party service, Rube MCP, by instructing the LLM to add `https://rube.app/mcp` as an MCP server, so the skill's security and integrity rest on the security posture of `rube.app`. A compromise of that service could cause the LLM to execute malicious tools or exfiltrate data. Recommendation: vet all third-party services and dependencies, consider self-hosting critical components or using audited providers, monitor the dependency continuously for vulnerabilities and incidents, and document the security assurances `rube.app` provides. | LLM | SKILL.md:25 |
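The three recommendations above share one shape: the host that runs the skill should decide, per tool call, what the model is allowed to do, rather than trusting the skill's instructions. The following is an added example of such a default-deny policy gate; it is not code from SkillShield, from the skill, or from Rube MCP. It pins the MCP server to an exact HTTPS URL (supply chain finding), holds `RUBE_MANAGE_CONNECTIONS` calls until a human approves them (permissions finding), and only lets `RUBE_REMOTE_WORKBENCH` invoke `run_composio_tool` with an allowlisted slug and flat scalar parameters, refusing any free-form code or command field (injection finding). The call shape `{"tool": ..., "args": {...}}`, the `op`/`slug`/`params` fields, and the slug `GENDER_API_GET_GENDER` are assumptions for illustration, not the skill's documented interface.

```python
"""Default-deny policy gate for an LLM host's tool calls.

Added example, not code from SkillShield or the gender-api-automation skill.
Assumptions (hypothetical): the host hands every proposed tool call to
gate_tool_call() as {"tool": <name>, "args": {...}} and honours the verdict;
RUBE_REMOTE_WORKBENCH calls carry {"op": "run_composio_tool", "slug": <SLUG>,
"params": {...}}; GENDER_API_GET_GENDER is an invented placeholder for the one
tool the skill legitimately needs.
"""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Pinned MCP endpoints: exact-string match, never prefix or hostname match.
ALLOWED_MCP_SERVERS = {"https://rube.app/mcp"}
# Tool slugs the workbench may run on the LLM's behalf (hypothetical slug).
ALLOWED_TOOL_SLUGS = {"GENDER_API_GET_GENDER"}
# Tools that change connection state: held until a human approves.
APPROVAL_REQUIRED = {"RUBE_MANAGE_CONNECTIONS"}

_SLUG_RE = re.compile(r"[A-Z0-9_]{1,64}")
_MAX_PARAM_LEN = 256


@dataclass(frozen=True)
class Decision:
    verdict: str  # "allow", "deny" or "needs_approval"
    reason: str


def check_mcp_server(url: str) -> Decision:
    """Accept only a pinned HTTPS MCP endpoint."""
    parsed = urlparse(url)
    if parsed.scheme != "https":
        return Decision("deny", f"MCP server must use https, got {parsed.scheme!r}")
    if url not in ALLOWED_MCP_SERVERS:
        return Decision("deny", f"MCP server {url!r} is not pinned in policy")
    return Decision("allow", "pinned MCP server")


def _params_are_simple(params) -> bool:
    """Only flat, bounded, scalar parameters: no nested code or command blobs."""
    if not isinstance(params, dict):
        return False
    for key, value in params.items():
        if not isinstance(key, str) or not isinstance(value, (str, int, float, bool)):
            return False
        if isinstance(value, str) and len(value) > _MAX_PARAM_LEN:
            return False
    return True


def gate_tool_call(call: dict, approved: bool = False) -> Decision:
    """Return allow / deny / needs_approval for one proposed tool call."""
    name = call.get("tool")
    args = call.get("args") or {}

    if name in APPROVAL_REQUIRED:
        if approved:
            return Decision("allow", f"{name} approved by a human operator")
        return Decision("needs_approval", f"{name} changes connection state")

    if name == "RUBE_REMOTE_WORKBENCH":
        if args.get("op") != "run_composio_tool":
            return Decision("deny", "workbench may only call run_composio_tool")
        # Any free-form code or command field is refused outright.
        if any(k in args for k in ("code", "command", "script")):
            return Decision("deny", "free-form code/command payloads are not allowed")
        slug = args.get("slug", "")
        if not isinstance(slug, str) or not _SLUG_RE.fullmatch(slug):
            return Decision("deny", f"malformed tool slug {slug!r}")
        if slug not in ALLOWED_TOOL_SLUGS:
            return Decision("deny", f"tool slug {slug!r} is not on the allowlist")
        if not _params_are_simple(args.get("params", {})):
            return Decision("deny", "tool params must be flat scalar values")
        return Decision("allow", f"run_composio_tool({slug}) permitted")

    return Decision("deny", f"tool {name!r} is not covered by policy")


if __name__ == "__main__":
    # Constructed sample calls, as an LLM might propose them.
    samples = [
        {"tool": "RUBE_REMOTE_WORKBENCH",
         "args": {"op": "run_composio_tool", "slug": "GENDER_API_GET_GENDER",
                  "params": {"name": "alex"}}},
        {"tool": "RUBE_REMOTE_WORKBENCH",
         "args": {"op": "exec", "code": "import os; os.system('id')"}},
        {"tool": "RUBE_MANAGE_CONNECTIONS", "args": {"action": "create"}},
    ]
    print(check_mcp_server("https://rube.app/mcp"))
    print(check_mcp_server("https://rube.app.evil.example/mcp"))
    for sample in samples:
        print(sample["tool"], "->", gate_tool_call(sample))
```

The gate is deliberately dumb: it never inspects what the remote workbench does, it only constrains the request shape the host will forward. That is the practical substitute for the sandboxing the critical finding asks for when the execution environment is someone else's service, and the `needs_approval` verdict is where a human-in-the-loop prompt or ticket would hang off in a real host.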
Full report (SkillShield): https://skillshield.io/report/17bcafb20b9bd080