Security Audit
open-sea-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
open-sea-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad tool execution capability via RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Broad tool execution capability via RUBE_REMOTE_WORKBENCH The skill documents the use of `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. This tool appears to allow for the execution of arbitrary Composio tools or complex workflows. If the LLM is granted unconstrained access to this tool, it could perform a wide range of actions on behalf of the user, potentially beyond the intended scope of Open Sea automation, without explicit per-action user confirmation. This represents an excessive permission risk, as the LLM could leverage this powerful tool for unintended operations. Implement strict guardrails and user confirmation mechanisms for calls to `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. Ensure the LLM's access to this tool is limited to specific, pre-approved use cases or requires explicit user consent for each operation. Consider restricting the scope of `run_composio_tool()` to only Open Sea related operations if broader access is not intended. | LLM | SKILL.md:74 |
Scan History
Embed Code
[](https://skillshield.io/report/b8f2628ca25fdd54)
Powered by SkillShield