Security Audit

svix-automation

github.com/ComposioHQ/awesome-claude-skills

AI SkillCommit 27904475d127

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

svix-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Excessive Permissions / Command Injection via `RUBE_REMOTE_WORKBENCH`.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Shell Execution

1 finding

Dynamic Code

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	Potential Excessive Permissions / Command Injection via `RUBE_REMOTE_WORKBENCH` The skill documentation recommends using `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. The term 'Remote Workbench' and the generic function `run_composio_tool()` strongly suggest a capability for executing complex or arbitrary operations in a remote environment. Without strict sandboxing, robust input validation, and clear limitations, this could allow an agent to execute arbitrary commands or access resources beyond the intended scope of Svix operations, leading to command injection or excessive permissions. The skill itself instructs the agent to use this potentially powerful and unconstrained tool. Clarify the exact capabilities and security guarantees of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. If it allows arbitrary code execution, ensure it is heavily sandboxed and that inputs are strictly validated. If not, update the documentation to reflect its limited, safe usage. Consider if such a powerful tool is necessary for a general-purpose Svix automation skill, or if more granular, specific tools should be used instead.	LLM	SKILL.md:69

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/11dad3a00c70b60a.svg)](https://skillshield.io/report/11dad3a00c70b60a)