Security Audit
toneden-automation
github.com/ComposioHQ/awesome-claude-skillsTrust Assessment
toneden-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad tool execution via RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Broad tool execution via RUBE_REMOTE_WORKBENCH The skill documentation explicitly provides access to `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()`. While intended for 'Bulk ops', the `run_composio_tool()` function, by its generic name, suggests it could allow the LLM to execute arbitrary Composio tools beyond the intended Toneden automation. Depending on the Rube MCP's configuration and other connected toolkits, this could grant overly broad tool access to the LLM, potentially enabling actions on systems unrelated to Toneden. Clarify or restrict the scope of `RUBE_REMOTE_WORKBENCH` when used with this skill, ensuring that `run_composio_tool()` is strictly limited to Toneden-related operations within the context of this skill. If `run_composio_tool()` is intended to be generic, the skill documentation should explicitly state the full range of potential access, or the MCP should enforce stricter permissions for this skill. | LLM | SKILL.md:70 |
Scan History
Embed Code
[](https://skillshield.io/report/d4ebe74c0eb056cf)
Powered by SkillShield