Security Audit
leadfeeder-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
leadfeeder-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad Tool Access to External System.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Broad Tool Access to External System: The skill instructs the LLM to discover and execute any available tool within the 'Leadfeeder operations' toolkit via `RUBE_SEARCH_TOOLS` and `RUBE_MULTI_EXECUTE_TOOL`. This grants the LLM overly broad access to an external system, potentially allowing it to perform any action supported by the Leadfeeder toolkit, including sensitive or destructive operations, if manipulated by a malicious prompt. The `use_case: "Leadfeeder operations"` query is very general, leading to a wide range of discoverable and executable tools. Consider narrowing the scope of `RUBE_SEARCH_TOOLS` queries to specific, necessary operations. Implement a whitelist or blacklist for `RUBE_MULTI_EXECUTE_TOOL` to restrict access to sensitive functions, or introduce human approval steps for critical operations before execution. | LLM | SKILL.md:40 |