Security Audit
mboum-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
mboum-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. The key finding is that the skill enables execution of arbitrary Composio tools via Rube MCP.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Skill enables execution of arbitrary Composio tools via Rube MCP | LLM | SKILL.md:68 |

The skill instructs the LLM to use `RUBE_MULTI_EXECUTE_TOOL` and `RUBE_REMOTE_WORKBENCH` to interact with Mboum and other Composio tools. Specifically, `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` is described as an approach for 'Bulk ops', implying a powerful, potentially unconstrained execution capability. The permissions and capabilities of these underlying tools are not defined within this skill package. If any Composio tool has broad access (e.g., filesystem, network, or environment variables), this skill provides the interface for the LLM to invoke such actions. This constitutes excessive permissions because the skill delegates significant control to an external, dynamically discoverable tool ecosystem without explicit constraints on the types of operations or resources accessible. This could lead to data exfiltration, command injection, or unauthorized resource access if malicious tools are introduced or legitimate tools are misused.

1. **Restrict Tool Scope**: Limit the set of Composio tools that `RUBE_REMOTE_WORKBENCH` can invoke to a predefined, minimal set necessary for Mboum automation.
2. **Least Privilege**: Ensure that the underlying Mboum and Composio tools themselves operate with the principle of least privilege, only having access to resources strictly necessary for their function.
3. **Runtime Permissions Checks**: Implement runtime checks within the Rube MCP or Composio framework to verify that the requested tool execution aligns with approved permissions for the current context.
4. **Clear Documentation**: Explicitly document the permissions and potential side effects of all tools discoverable via `RUBE_SEARCH_TOOLS` and executable via `RUBE_MULTI_EXECUTE_TOOL` or `RUBE_REMOTE_WORKBENCH`.