Security Audit
tiktok-automation
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
tiktok-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Dependency on external Rube MCP server.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Dependency on external Rube MCP server The skill explicitly requires and instructs the user to connect to an external Rube MCP server at `https://rube.app/mcp`. While this is necessary for the skill's functionality, any external dependency introduces a supply chain risk. If `rube.app` were compromised or malicious, it could potentially lead to unauthorized actions or data exfiltration through the tools provided by the MCP. The analyzer cannot verify the trustworthiness of this external service. Verify the trustworthiness and security posture of `https://rube.app/mcp` before integrating. Consider implementing strict network policies to limit communication to this endpoint. Regularly monitor for any suspicious activity related to this dependency. | LLM | SKILL.md:18 |
Scan History
Embed Code
[](https://skillshield.io/report/cc5e7f7e52b17d6a)
Powered by SkillShield