Security Audit
googletasks-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
googletasks-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Unversioned external MCP dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Unversioned external MCP dependency The skill relies on an external Rube MCP server (`https://rube.app/mcp`) without specifying a version or hash. This introduces a supply chain risk, as changes to the Rube MCP service could introduce breaking changes or malicious behavior without the skill author's explicit update or vetting. The skill's functionality is entirely dependent on this unversioned external service. If possible, specify a version or hash for the Rube MCP endpoint to ensure consistent behavior and prevent unexpected changes. Implement robust validation of responses from the MCP server. Monitor the `rube.app` service for changes or security advisories. | LLM | SKILL.md:19 |
Scan History
Embed Code
[](https://skillshield.io/report/929c111cddee2ad1)
Powered by SkillShield