Security Audit
rev-ai-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
rev-ai-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. The key finding is dynamic execution of broad Rube MCP tools.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Dynamic execution of broad Rube MCP tools. The skill enables the LLM to dynamically discover and execute a wide range of tools via `RUBE_SEARCH_TOOLS`, `RUBE_MULTI_EXECUTE_TOOL`, and `RUBE_REMOTE_WORKBENCH`. This grants the LLM broad permissions to interact with the Rev AI toolkit and potentially other Composio tools without specific constraints on the operations performed. If the underlying tools have access to sensitive data, file systems, or network resources, an attacker could leverage this dynamic execution capability to perform unauthorized actions or exfiltrate data. Recommendation: implement stricter access controls or allow-lists for specific tool slugs and arguments that the LLM is permitted to execute. Ensure that the underlying Rube MCP tools are themselves narrowly scoped and follow the principle of least privilege. Consider adding human-in-the-loop approval for sensitive operations. | LLM | SKILL.md:50 |