Security Audit
supportivekoala-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
supportivekoala-automation received a trust score of 80/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 1 low severity. Key findings include "Reliance on External MCP Introduces Supply Chain Risk", "Potential for Excessive Permissions or Command Injection via RUBE_REMOTE_WORKBENCH", and "Indirect Credential Harvesting Risk via External Authentication Flow".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Details | Layer | Location |
|---|---|---|---|---|
| HIGH | Reliance on External MCP Introduces Supply Chain Risk | The skill's core functionality is entirely dependent on the external Rube MCP service (https://rube.app/mcp). If this external service is compromised, malicious, or becomes unavailable, it could lead to unauthorized access, data exfiltration, command injection, or denial of service for all operations performed through this skill. The skill itself does not mitigate risks associated with the trustworthiness or security posture of the Rube MCP. Users should verify the trustworthiness and security posture of `https://rube.app/mcp` before integrating this skill. Skill developers should provide clear documentation on the security measures and incident response plans for required external services like Rube MCP. | LLM | SKILL.md:3 |
| MEDIUM | Potential for Excessive Permissions or Command Injection via RUBE_REMOTE_WORKBENCH | The `RUBE_REMOTE_WORKBENCH` operation, specifically with `run_composio_tool()`, is listed for 'Bulk ops'. This suggests the capability to execute arbitrary code or tools on a remote workbench environment. Without clear documentation on the security model, input validation, and sandboxing of `run_composio_tool()`, there is a significant risk of excessive permissions or command injection if an attacker can manipulate the arguments passed to this function. Provide explicit documentation detailing the capabilities, security model, and limitations of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. Ensure that all inputs are strictly validated and sanitized, and that the remote execution environment operates with the principle of least privilege and robust sandboxing. | LLM | SKILL.md:69 |
| LOW | Indirect Credential Harvesting Risk via External Authentication Flow | The skill instructs users to 'follow the returned auth link' from `RUBE_MANAGE_CONNECTIONS` to complete the connection setup. This process relies on the Rube MCP to provide a legitimate authentication URL. If the Rube MCP were compromised or malicious, it could potentially provide a phishing link to harvest user credentials for Supportivekoala or other integrated services. While the skill itself does not perform the harvesting, it directs the user to an external system that could facilitate it. Users should be advised to carefully inspect any authentication links provided by external services like Rube MCP before proceeding with authentication. Skill developers should emphasize the importance of verifying the authenticity and domain of such links to mitigate phishing risks. | LLM | SKILL.md:20 |