Security Audit

sms-alert-automation

github.com/ComposioHQ/awesome-claude-skills

AI SkillCommit 99e2a2951545

TRUSTED

Scanned 6 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

sms-alert-automation received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.

SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Dynamic Tool Execution with Potential for Excessive Permissions.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

93%

Behavioral Risk Signals

Shell Execution

1 finding

Dynamic Code

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
MEDIUM	Dynamic Tool Execution with Potential for Excessive Permissions The skill instructs the agent to dynamically discover tools via `RUBE_SEARCH_TOOLS` and then execute them using `RUBE_MULTI_EXECUTE_TOOL` based on the `tool_slug` returned from the search. While the skill's stated purpose is 'SMS Alert Automation' and `RUBE_SEARCH_TOOLS` is given a `use_case: 'SMS Alert operations'`, there is no explicit mechanism within the skill to strictly validate or whitelist the `tool_slug`s before execution. If the underlying Rube MCP's `sms_alert` toolkit or `RUBE_SEARCH_TOOLS` can return tools with broader functionalities (e.g., managing contacts, account settings, or other non-SMS sending operations) that fall under a loose interpretation of 'SMS Alert operations', the agent could be instructed to perform actions with excessive permissions beyond the user's intended scope of simple SMS alerts. To mitigate this, consider adding more specific constraints to the `RUBE_SEARCH_TOOLS` queries to narrow down the scope of returned tools. If possible, implement a whitelist of allowed `tool_slug`s that the agent is permitted to execute for 'SMS Alert' tasks, or introduce a validation step to ensure executed tools strictly align with the intended, narrow scope of SMS alerts.	LLM	SKILL.md:49

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/a1d4d88aef493244.svg)](https://skillshield.io/report/a1d4d88aef493244)