one-drive-automation

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves and processes content from an external source (OneDrive). An attacker with access to a shared file or folder could embed malicious instructions that the agent might follow while performing automation tasks.
      • Ingestion points: The tools ONE_DRIVE_SEARCH_ITEMS and ONE_DRIVE_GET_ITEM in SKILL.md are used to search and read file contents and metadata.
      • Boundary markers: Absent. There are no instructions or delimiters provided to help the agent distinguish between the developer's instructions and instructions found within retrieved data.
      • Capability inventory: The skill includes high-impact tools such as ONE_DRIVE_INVITE_USER_TO_DRIVE_ITEM, ONE_DRIVE_DELETE_ITEM, ONE_DRIVE_MOVE_ITEM, and ONE_DRIVE_CREATE_LINK.
      • Sanitization: Absent. Content retrieved from OneDrive is not validated or filtered before being processed by the agent.
  • [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server at https://rube.app/mcp to provide the OneDrive automation toolkit. This URL is used to fetch the schemas and logic for the OneDrive tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 07:00 AM