Security Audit
storeganise-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
storeganise-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via RUBE_REMOTE_WORKBENCH The skill exposes `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()`. The term 'workbench' often implies an environment where arbitrary code or commands can be executed. If `run_composio_tool()` allows for unconstrained execution of commands or code, an attacker could potentially inject malicious commands, leading to command injection, data exfiltration, or system compromise. This also represents an excessive permission granted to the LLM. Clarify the exact capabilities and sandboxing of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. If it allows arbitrary code execution, it should be removed or heavily restricted to a predefined set of safe operations. If it's meant for specific, safe tool invocations, this should be explicitly stated and enforced through strict input validation and execution environment controls. | LLM | SKILL.md:78 |
Scan History
Embed Code
[](https://skillshield.io/report/496408b793acb3c0)
Powered by SkillShield