Security Audit
segmetrics-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
segmetrics-automation received a trust score of 83/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Skill enables broad remote execution capabilities" and "Skill enables execution of arbitrary Rube tools".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Skill enables broad remote execution capabilities.** The skill documentation explicitly references `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. This tool suggests the ability to execute arbitrary Composio tools within a remote workbench environment. If `run_composio_tool()` can execute any Composio tool, and Composio tools can perform arbitrary actions, this grants the LLM broad and potentially unconstrained execution capabilities. This capability, if misused by a malicious prompt or an unconstrained LLM, could lead to unauthorized code execution or data manipulation in the remote environment. Implement strict access controls and sandboxing for the `RUBE_REMOTE_WORKBENCH` environment. Ensure that the LLM's access to this tool is carefully managed, subject to user confirmation, and monitored for suspicious activity. Clarify the exact scope and limitations of `run_composio_tool()` to prevent unintended broad execution. | LLM | SKILL.md:70 |
| MEDIUM | **Skill enables execution of arbitrary Rube tools.** The skill instructs the LLM to use `RUBE_MULTI_EXECUTE_TOOL` with `tool_slug: "TOOL_SLUG_FROM_SEARCH"`. While the documentation advises searching first, this mechanism allows the LLM to execute any tool available through the Rube MCP for Segmetrics. This grants broad access to all Segmetrics operations, which could include sensitive data manipulation, configuration changes, or other privileged actions, depending on the specific tools exposed by the Segmetrics toolkit. An unconstrained LLM or a malicious prompt could leverage this to perform unauthorized operations. Implement granular access controls for specific Segmetrics tools within Rube MCP, rather than granting blanket access. Ensure that the LLM's execution of `RUBE_MULTI_EXECUTE_TOOL` is subject to user confirmation or strict policy enforcement, especially for sensitive operations. Regularly review the capabilities of tools exposed via Rube MCP. | LLM | SKILL.md:47 |