Trust Assessment
svix-automation received a trust score of 90/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Command Injection via RUBE_REMOTE_WORKBENCH: The skill documentation suggests using `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` for 'Bulk ops'. The term 'workbench' and the function `run_composio_tool()` strongly imply an environment where code or commands can be executed. Without clear documentation on the sandboxing and security model of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`, there is a potential for command injection or arbitrary code execution if a malicious agent can manipulate the inputs to this tool. This could lead to unauthorized actions, data exfiltration, or system compromise within the Rube MCP environment. The Rube MCP platform should ensure that `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()` are executed within a strictly sandboxed environment with minimal privileges. The skill documentation should clarify the security boundaries and capabilities of this tool to prevent misuse by an agent, explicitly stating what types of operations are permitted and what safeguards are in place. | LLM | SKILL.md:60 |