Security Audit
raisely-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
raisely-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 2 medium, and 0 low severity. The key findings are "Unpinned Rube MCP dependency" and "Skill enables broad execution of Raisely operations".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Unpinned Rube MCP dependency. The skill manifest declares a dependency on the 'rube' MCP without specifying a version. This allows the system to load any version of the Rube MCP, potentially including vulnerable or malicious versions if the MCP source is compromised or if there's no integrity checking. This introduces a supply chain risk as the behavior and security of the underlying Rube MCP are not fixed. Pin the Rube MCP dependency to a specific, known-good version (e.g., `"rube": "1.2.3"`) or a version range with a lower bound (e.g., `"rube": ">=1.2.0,<2.0.0"`). | LLM | SKILL.md:1 |
| MEDIUM | Skill enables broad execution of Raisely operations. The skill instructs the AI agent to use `RUBE_MULTI_EXECUTE_TOOL` which, after discovering tools via `RUBE_SEARCH_TOOLS`, can execute any available Raisely operation. This grants the AI agent broad access to Raisely functionalities without specific restrictions defined within the skill itself. The `RUBE_REMOTE_WORKBENCH` for 'Bulk ops' and `run_composio_tool()` further suggests a highly privileged execution environment. If the LLM using this skill is compromised, it could perform a wide range of unauthorized actions on the connected Raisely account, representing a credible exploit path. Implement stricter access controls or a whitelist of allowed Raisely operations if the AI agent's scope should be limited. Ensure that the Rube MCP system and its underlying toolkits enforce least privilege and robust input validation for all executed tools, especially for generic execution mechanisms like `RUBE_REMOTE_WORKBENCH`. | LLM | SKILL.md:50 |