brevo-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill handles untrusted data from Brevo campaigns and templates, which could be used for indirect prompt injection. * Ingestion points: Data is retrieved via BREVO_LIST_EMAIL_CAMPAIGNS and BREVO_GET_ALL_EMAIL_TEMPLATES. * Boundary markers: The skill does not define specific delimiters or instructions to ignore instructions within processed data. * Capability inventory: The agent has the ability to create and update email campaigns and templates. * Sanitization: No sanitization or validation of the ingested HTML content is specified.
- [EXTERNAL_DOWNLOADS]: The skill requires the user to connect to a third-party MCP server at https://rube.app/mcp. This domain is not listed as a trusted vendor and represents an external network dependency.
Audit Metadata