Trust Assessment
zoho-automation received a trust score of 81/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Unpinned external dependency on Rube MCP" and "Dynamic execution of broad Zoho operations".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Unpinned external dependency on Rube MCP: The skill's functionality is entirely dependent on the Rube MCP service hosted at `https://rube.app/mcp`. There is no version pinning or integrity validation mechanism for the Rube MCP or the tools it exposes. This means that changes or compromises to the `rube.app` service could dynamically alter the skill's behavior, introduce vulnerabilities, or lead to malicious actions without requiring an explicit update or review of the skill itself. The instruction 'Always search first: Tool schemas change' reinforces this dynamic, unpinned dependency. Implement version pinning or a mechanism to validate the integrity and expected behavior of external Rube MCP tools. Consider sandboxing or strict access controls for the Rube MCP connection to mitigate risks from upstream changes. | LLM | SKILL.md:20 |
| MEDIUM | Dynamic execution of broad Zoho operations: The skill is designed to dynamically discover available Zoho operations using `RUBE_SEARCH_TOOLS` and then execute them via `RUBE_MULTI_EXECUTE_TOOL`. This pattern allows the skill to perform a wide range of actions within Zoho, limited only by the permissions granted to the connected Zoho account through Rube MCP. If the Rube MCP connection is configured with broad permissions (e.g., administrative access), the skill could be leveraged to perform highly sensitive or destructive operations without explicit constraints defined within the skill's instructions. This dynamic and unconstrained execution model poses a risk of excessive permissions. Implement granular access controls for the Zoho connection within Rube MCP, ensuring the connected account has only the minimum necessary permissions (least privilege). Consider adding explicit checks or whitelists within the agent's logic to restrict the types of `tool_slug`s that can be executed, rather than relying solely on dynamic discovery. | LLM | SKILL.md:40 |