Security Audit
leiga-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
leiga-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad Tool Execution Capabilities.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Broad Tool Execution Capabilities The skill provides the LLM with access to `RUBE_MULTI_EXECUTE_TOOL` and `RUBE_REMOTE_WORKBENCH`. These tools enable the execution of any operation exposed by the connected `leiga` toolkit, as discovered via `RUBE_SEARCH_TOOLS`. If the underlying `leiga` toolkit has broad permissions (e.g., read/write all data, administrative actions), a compromised or misdirected LLM could potentially execute highly sensitive or destructive operations without further constraint from the skill itself. The skill does not define or restrict the scope of the `leiga` toolkit's permissions. Implement granular access controls within the `leiga` toolkit to restrict the types of operations or data that can be accessed by the LLM. Alternatively, introduce a human-in-the-loop approval process for sensitive `leiga` operations executed via the skill. | LLM | SKILL.md:56 |
Scan History
Embed Code
[](https://skillshield.io/report/54a0bd86d01629ad)
Powered by SkillShield