Security Audit
wrike-automation
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
wrike-automation received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Excessive Permissions: Destructive and User Management Capabilities.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Excessive Permissions: Destructive and User Management Capabilities The skill exposes tools that allow for permanent deletion of folders and entire workspaces (`WRIKE_DELETE_FOLDER`, `WRIKE_DELETE_SPACE`), and the creation of new user invitations (`WRIKE_CREATE_INVITATION`) with potentially administrative roles. These operations are highly sensitive and irreversible. An AI agent, if compromised or misdirected, could use these tools to cause significant data loss or unauthorized access to the Wrike workspace. Consider implementing stricter access controls or requiring explicit human confirmation for highly destructive actions (e.g., `DELETE_FOLDER`, `DELETE_SPACE`) and sensitive user management operations (e.g., `CREATE_INVITATION`). If possible, split the skill into multiple, more granular skills with distinct permission scopes to adhere to the principle of least privilege. Ensure that the underlying Rube MCP and Wrike OAuth scopes are as restrictive as possible. | LLM | SKILL.md:100 |
Scan History
Embed Code
[](https://skillshield.io/report/c665bf84c2f37f0b)
Powered by SkillShield