Security Audit

sage-automation

github.com/ComposioHQ/awesome-claude-skills

AI SkillCommit 27904475d127

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

sage-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Broad Tool Access Grants Excessive Permissions to Sage Operations.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Shell Execution

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	Broad Tool Access Grants Excessive Permissions to Sage Operations The skill is designed to provide the LLM with broad access to all available Sage operations via the Rube MCP toolkit. The `RUBE_MULTI_EXECUTE_TOOL` allows the LLM to execute any discovered Sage tool with arbitrary arguments. This grants the LLM full control over the connected Sage account's capabilities, including potentially sensitive actions like data modification, deletion, or exfiltration, if the underlying Sage tools support them. While this is the intended functionality for automation, it represents a significant security risk if the LLM is compromised or receives malicious instructions, as it can perform any action the connected Sage account is authorized to do. Implement strict access controls and least privilege principles for the Sage account connected to Rube MCP. Ensure the LLM's execution environment is sandboxed and that user prompts are thoroughly validated and sanitized to prevent malicious instructions from being passed to the `RUBE_MULTI_EXECUTE_TOOL`. Consider implementing human-in-the-loop approvals for sensitive Sage operations initiated by the LLM.	LLM	SKILL.md:57

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/d7b8c09fcd93b01a.svg)](https://skillshield.io/report/d7b8c09fcd93b01a)