Security Audit
simplesat-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
simplesat-automation received a trust score of 88/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 2 medium, and 0 low severity. Key findings include "Skill enables broad tool execution capabilities" and "Reliance on external Rube MCP endpoint introduces supply chain risk".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | **Skill enables broad tool execution capabilities.** The skill instructs the LLM to utilize `RUBE_MULTI_EXECUTE_TOOL` and `RUBE_REMOTE_WORKBENCH`. These tools, by design, allow for the execution of a wide range of operations within the Simplesat ecosystem (and potentially other integrated systems via Rube MCP). While this is the intended functionality of the skill, it means that an LLM using this skill gains significant and broad execution capabilities. Misuse or compromise of the LLM could lead to unintended or malicious actions being performed through these powerful tools. **Recommendation:** Ensure robust guardrails and access controls are in place for the LLM interacting with this skill. Implement strict validation of LLM-generated tool arguments and execution plans. Consider least-privilege principles for the underlying Rube MCP configuration if possible, limiting the scope of tools and actions available to the LLM. | LLM | SKILL.md:57 |
| MEDIUM | **Reliance on external Rube MCP endpoint introduces supply chain risk.** The skill's setup instructions explicitly direct the user/LLM to add `https://rube.app/mcp` as an MCP server. This means the skill's core functionality is dependent on an external, third-party service. A compromise of the `rube.app` domain or the Rube MCP service itself could lead to the delivery of malicious tool schemas, execution plans, or arbitrary code, effectively compromising any system interacting with it via this skill. **Recommendation:** Verify the trustworthiness and security posture of `rube.app`. Implement network-level controls to restrict access to external MCPs if possible. Regularly monitor for any suspicious activity related to the external service. Consider self-hosting or using a trusted, audited MCP solution if available and feasible. | LLM | SKILL.md:19 |