Security Audit
survey_monkey-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
survey_monkey-automation received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via RUBE_REMOTE_WORKBENCH with ThreadPoolExecutor.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Potential Command Injection via RUBE_REMOTE_WORKBENCH with ThreadPoolExecutor | LLM | SKILL.md:77 |

The skill documentation describes the `RUBE_REMOTE_WORKBENCH` tool as being usable for 'bulk operations' with `run_composio_tool()` in a loop with `ThreadPoolExecutor` for parallel execution. The explicit mention of `ThreadPoolExecutor`, a Python standard library class for executing callables, strongly suggests that `RUBE_REMOTE_WORKBENCH` might allow the execution of arbitrary Python code or scripts. If an attacker can control the code or arguments passed to `ThreadPoolExecutor` or `run_composio_tool()` through `RUBE_REMOTE_WORKBENCH`, this could lead to arbitrary command execution on the host system or within the Rube environment. This capability also implies excessive permissions, as it grants the agent a high degree of programmatic control beyond typical tool invocation.

Ensure that `RUBE_REMOTE_WORKBENCH` strictly validates and sanitizes all inputs. Any code executed via `ThreadPoolExecutor` must be from a predefined, safe set of operations, or executed within a highly restricted and sandboxed environment. Clarify in the documentation the exact scope and limitations of `RUBE_REMOTE_WORKBENCH`'s execution capabilities, especially regarding custom code execution.