Security Audit
signaturely-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
signaturely-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Potential Excessive Permissions via RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Potential Excessive Permissions via RUBE_REMOTE_WORKBENCH The skill documentation mentions `RUBE_REMOTE_WORKBENCH` for 'Bulk ops' with `run_composio_tool()`. The term 'workbench' often implies a broad, potentially unrestricted execution environment. If this tool allows for arbitrary code execution, file system access, or network requests to arbitrary destinations without sufficient sandboxing or input validation, it represents an excessive permission risk. The skill itself does not define the scope or safeguards of this tool, merely exposes its availability. Clarify the exact capabilities and limitations of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. If it allows arbitrary code execution or broad system access, consider if it's appropriate for an AI agent skill or implement strict input validation and sandboxing within the Rube MCP system. | LLM | SKILL.md:70 |
Scan History
Embed Code
[](https://skillshield.io/report/8e93a262270311fd)
Powered by SkillShield