Trust Assessment
lmnt-automation received a trust score of 78/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Unpinned external MCP dependency, Broad tool execution capability via Rube MCP.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unpinned external MCP dependency The skill manifest declares a dependency on the 'rube' MCP without specifying a version or hash. This means the skill will always fetch the latest version of the Rube MCP from `https://rube.app/mcp`. If the Rube MCP is compromised or introduces breaking/malicious changes, the skill could inherit these issues without explicit review or update, posing a significant supply chain risk. Pin the Rube MCP dependency to a specific version or hash in the manifest to ensure deterministic behavior and allow for explicit review of updates before deployment. | Static | SKILL.md:4 | |
| MEDIUM | Broad tool execution capability via Rube MCP The skill instructs the agent to use `RUBE_MULTI_EXECUTE_TOOL` to execute any tool slug discovered via `RUBE_SEARCH_TOOLS` for the `lmnt` toolkit. This grants the agent broad, dynamic access to all capabilities exposed by the `lmnt` toolkit through Rube. If the `lmnt` toolkit contains tools with sensitive operations (e.g., data deletion, access to private information, financial transactions), the agent could perform these actions without specific restrictions defined within this skill. The dynamic discovery via `RUBE_SEARCH_TOOLS` means the agent's capabilities can change without the skill's explicit update, potentially leading to excessive permissions. If possible, restrict the `tool_slug` values that the agent is allowed to execute to a predefined, minimal set. Implement a robust authorization layer for the `lmnt` toolkit tools to ensure that even if broadly accessible, sensitive operations require additional checks. | Static | SKILL.md:58 |
Scan History
Embed Code
[](https://skillshield.io/report/e0eb72692242a99f)
Powered by SkillShield