Security Audit
parseur-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
parseur-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Broad access to Parseur operations and connection management.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Broad access to Parseur operations and connection management The skill grants the AI agent broad control over the connected Parseur account. It allows dynamic discovery and execution of any available Parseur operation via `RUBE_MULTI_EXECUTE_TOOL` and management of connections via `RUBE_MANAGE_CONNECTIONS`. This means a compromised agent could be instructed to perform any action permitted by the Parseur API, including destructive operations, data manipulation, or reconfiguring access to the Parseur service. Implement fine-grained access control for the Rube MCP integration to limit the specific Parseur operations an agent can perform. Restrict the agent's ability to manage connections unless absolutely necessary. Ensure robust input validation and authorization checks are in place on the Rube MCP side to prevent malicious use of these broad capabilities. | LLM | SKILL.md:40 |
Scan History
Embed Code
[](https://skillshield.io/report/c899f3608f4d7d6a)
Powered by SkillShield