Security Audit
serply-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
serply-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via RUBE_REMOTE_WORKBENCH The skill documentation mentions `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. The term 'workbench' and the function name 'run_composio_tool()' strongly suggest an environment capable of executing code. If `run_composio_tool()` allows arbitrary code or command execution without proper sandboxing or input validation, it could be exploited for command injection, leading to unauthorized system access, data manipulation, or exfiltration. The skill does not provide details on the security measures or limitations of this function. Ensure `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()` are executed within a strictly sandboxed environment with minimal privileges. Implement robust input validation and restrict the types of operations that can be performed. Clearly document the security implications and limitations of `run_composio_tool()` for users and LLMs. | LLM | SKILL.md:39 |
Scan History
Embed Code
[](https://skillshield.io/report/8cf5206a74dd030b)
Powered by SkillShield