Security Audit

tinyurl-automation

github.com/ComposioHQ/awesome-claude-skills

AI SkillCommit 99e2a2951545

TRUSTED

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

tinyurl-automation received a trust score of 76/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via RUBE_REMOTE_WORKBENCH, Excessive Permissions via RUBE_REMOTE_WORKBENCH.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

70%

Behavioral Risk Signals

Network Access

1 finding

Shell Execution

2 findings

Dynamic Code

1 finding

Excessive Permissions

2 findings

Security Findings2

Severity	Finding	Layer	Location
HIGH	Potential Command Injection via RUBE_REMOTE_WORKBENCH The skill exposes `RUBE_REMOTE_WORKBENCH` which is described as enabling 'Bulk ops' and mentions `run_composio_tool()`. If `run_composio_tool()` allows arbitrary code execution, shell commands, or access to sensitive system resources, an attacker could potentially inject malicious commands or scripts through crafted inputs to the agent, leading to command injection. The term 'workbench' often implies a programmable environment, increasing this risk. Clarify the exact capabilities and sandboxing of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. Ensure that `run_composio_tool()` is strictly limited to predefined, safe operations and does not allow arbitrary code execution or access to sensitive system commands/files. Implement robust input validation and sanitization for any arguments passed to this tool.	LLM	SKILL.md:70
HIGH	Excessive Permissions via RUBE_REMOTE_WORKBENCH The `RUBE_REMOTE_WORKBENCH` tool, described for 'Bulk ops' and utilizing `run_composio_tool()`, suggests a powerful interface that could grant excessive permissions. If `run_composio_tool()` can execute a wide range of operations, including those with system-level access or broad data manipulation capabilities, it could be misused by an attacker to perform unauthorized actions beyond the intended scope of Tinyurl automation. This represents an overly broad tool access. Review and restrict the scope of operations available through `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. Ensure that the tool's capabilities are narrowly defined and strictly adhere to the principle of least privilege, only allowing actions necessary for Tinyurl automation. Provide clear documentation on its limitations and security boundaries.	LLM	SKILL.md:70

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/6140922588c4ef66.svg)](https://skillshield.io/report/6140922588c4ef66)