Security Audit
new_relic-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
new_relic-automation received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Unversioned External MCP Dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Unversioned External MCP Dependency The skill declares a dependency on the 'rube' MCP (Managed Control Plane) without specifying a version or integrity check. The documentation also refers to a hardcoded endpoint `https://rube.app/mcp`. This introduces a supply chain risk, as changes or compromises to the `rube.app` service could silently affect the skill's behavior and security without the skill author or user being able to control the version or detect unauthorized modifications. This is analogous to an unpinned dependency for a software library, where the lack of version control for an external service can lead to unexpected or malicious behavior. Implement a mechanism to specify and verify the version or integrity of the `rube` MCP. If the MCP provider offers versioned endpoints, use a specific version. If not, consider alternative methods for integrity verification or risk mitigation, such as a hash or signature check if supported by the MCP client, or a more robust trust mechanism for the external service. | LLM | SKILL.md:20 |
Scan History
Embed Code
[](https://skillshield.io/report/e6d6c2a0cc0d8822)
Powered by SkillShield