brevo-automation
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill requires an external MCP server hosted at https://rube.app/mcp to be configured. This domain is not recognized as a trusted source (e.g., GitHub, Anthropic, or Google) according to the security guidelines, so the provider must be verified manually.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it fetches and processes email campaign content and templates that could contain malicious instructions. Evidence:
  1. Ingestion points: Email content retrieved via BREVO_LIST_EMAIL_CAMPAIGNS and BREVO_GET_ALL_EMAIL_TEMPLATES.
  2. Boundary markers: Absent.
  3. Capability inventory: The skill can modify campaigns and templates via BREVO_UPDATE_EMAIL_CAMPAIGN and BREVO_CREATE_OR_UPDATE_EMAIL_TEMPLATE.
  4. Sanitization: Absent.
Audit Metadata