make-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface when processing external data. • Ingestion points: The MAKE_GET_OPERATIONS tool in SKILL.md retrieves operation records and scenario metadata from the Make platform. • Boundary markers: No delimiters or explicit instructions to ignore nested commands within the retrieved data are present. • Capability inventory: The skill uses network-capable tools from the Rube MCP and mentions RUBE_REMOTE_WORKBENCH for complex data processing. • Sanitization: No sanitization, escaping, or validation of the retrieved content is performed before it enters the agent's context.
- [EXTERNAL_DOWNLOADS]: The skill requires connecting to an external MCP server endpoint at https://rube.app/mcp for its core functionality.
Audit Metadata