make-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server at
https://rube.app/mcp. This remote service provides the tools necessary for the skill's operation, such asMAKE_GET_OPERATIONS. While this is the intended design, it establishes a dependency on an external domain not listed in the trusted vendors list. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of external data.
- Ingestion points: The agent retrieves operation logs and execution metadata from Make.com via the
MAKE_GET_OPERATIONStool. - Boundary markers: No specific delimiters or 'ignore' instructions are provided to the agent to segregate untrusted data from the system prompt.
- Capability inventory: The skill utilizes tools for searching other tools (
RUBE_SEARCH_TOOLS) and managing service connections (RUBE_MANAGE_CONNECTIONS). - Sanitization: There is no evidence of sanitization, filtering, or validation of the retrieved operation data before it is processed by the agent.
Audit Metadata