Security Audit
sitespeakai-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
sitespeakai-automation received a trust score of 80/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 1 low severity. Key findings include Broad Execution Capabilities via RUBE_REMOTE_WORKBENCH, Unrestricted Access to Sitespeakai API via Rube MCP, Dependency on External Rube MCP Service.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Broad Execution Capabilities via RUBE_REMOTE_WORKBENCH: The skill exposes `RUBE_REMOTE_WORKBENCH` for 'Bulk ops' using `run_composio_tool()`. This tool implies a highly privileged and potentially unconstrained execution environment. If `run_composio_tool()` allows arbitrary code or command execution, it presents a significant command injection vulnerability. Even without direct command injection, it grants excessive permissions, allowing the agent to perform complex, custom operations that are not explicitly defined or limited within the skill's documentation. Recommendation: Clearly define and restrict the capabilities of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. Implement strict input validation and sandboxing if arbitrary code execution is intended. If not, remove or replace this tool with more granular, predefined operations. | LLM | SKILL.md:56 |
| MEDIUM | Unrestricted Access to Sitespeakai API via Rube MCP: The skill allows the agent to execute any discovered Sitespeakai tool via `RUBE_MULTI_EXECUTE_TOOL`. While `RUBE_SEARCH_TOOLS` is recommended for discovery, the skill does not define or enforce any scope limitations on the types of Sitespeakai operations an agent can perform. This grants broad access to the entire Sitespeakai API, potentially allowing sensitive actions like data modification, deletion, or retrieval without further constraints. Recommendation: Implement mechanisms to define and enforce a narrower scope of allowed Sitespeakai operations for the agent. This could involve whitelisting specific tool slugs or categories, or requiring explicit user confirmation for sensitive actions. | LLM | SKILL.md:40 |
| LOW | Dependency on External Rube MCP Service: The skill explicitly depends on the external Rube MCP service hosted at `https://rube.app/mcp`. This introduces a supply chain risk, as the security of the skill is tied to the security and integrity of this third-party service. A compromise of `rube.app` or vulnerabilities within the Rube MCP itself could potentially impact agents using this skill. While external dependencies are common, it's important to acknowledge the associated risk. Recommendation: Ensure robust vetting of third-party services. Consider implementing monitoring for changes or compromises of critical external dependencies. | LLM | SKILL.md:19 |
[Full SkillShield report](https://skillshield.io/report/995ab68f4b963716)