Security Audit
process-street-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
process-street-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Broad tool execution via RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Broad tool execution via RUBE_REMOTE_WORKBENCH The skill documentation advertises the use of `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. If `run_composio_tool()` allows the execution of arbitrary Composio tools beyond those specifically related to Process Street, this grants the LLM excessive permissions. This capability could allow the LLM to interact with a wide range of external services, expanding its functional scope far beyond the stated purpose of 'Process Street Automation'. Restrict the capabilities of `RUBE_REMOTE_WORKBENCH` when used within this skill to only Process Street-related operations, or remove its mention if it's not strictly necessary for Process Street automation. Alternatively, clarify that `run_composio_tool()` is contextually limited to Process Street tools when invoked via this skill. | LLM | SKILL.md:68 |
Scan History
Embed Code
[](https://skillshield.io/report/5a33d5ff289a4e24)
Powered by SkillShield