airtable-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes an external MCP server endpoint (
https://rube.app/mcp) to access Airtable tools. This is the intended primary purpose of the skill and uses a recognized service (Composio/Rube). - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data from Airtable records and comments that may be controlled by third parties.
- Ingestion points: Data enters the agent context through
AIRTABLE_LIST_RECORDS,AIRTABLE_GET_RECORD, andAIRTABLE_LIST_COMMENTStools. - Boundary markers: There are no explicit delimiters or safety instructions provided to the agent to treat retrieved record data as untrusted text.
- Capability inventory: The agent has permissions to create/update records, modify field schemas, and manage connection states through the referenced tools.
- Sanitization: No sanitization or validation steps are defined for the data retrieved before it is processed by the agent.
Audit Metadata