facebook-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (Facebook comments and posts) without explicit boundary markers or sanitization, creating a surface for indirect prompt injection.
- Ingestion points: External data is ingested through tools that list Facebook comments and post details in SKILL.md.
- Boundary markers: No explicit delimiters are specified to isolate external data from the agent's instructions.
- Capability inventory: The skill permits high-privilege actions such as creating posts and replying to comments via the rube MCP.
- Sanitization: No sanitization or validation logic is defined for the ingested content.
- [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server hosted at https://rube.app/mcp.
Audit Metadata