Security Audit
signpath-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
signpath-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. The key finding is "Broad tool execution via Rube MCP".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Broad tool execution via Rube MCP: The skill's documentation instructs the LLM to use `RUBE_SEARCH_TOOLS` to dynamically discover available Signpath operations and `RUBE_MULTI_EXECUTE_TOOL` to execute them. This pattern grants the LLM the ability to perform any Signpath operation exposed by the Rube MCP toolkit, without specific constraints on allowed actions. An attacker who can inject prompts into the LLM could leverage this skill to execute arbitrary Signpath operations, potentially leading to unauthorized data modification, access, or service disruption. If the full scope of Signpath operations is not required, implement stricter access controls or a whitelist of allowed operations within the Rube MCP configuration or the skill's design. If full scope is intended, ensure robust input validation and authorization mechanisms are in place within the Rube MCP and Signpath integration to prevent misuse. Consider adding LLM-level guardrails to limit the types of operations it can request. | LLM | SKILL.md:39 |