active-campaign-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill directs users to connect to a third-party MCP server at
https://rube.app/mcp. While common for integration skills, users should verify the provider's trustworthiness. - [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it processes data from ActiveCampaign and uses it to drive subsequent tool actions without defined boundary markers or sanitization. Ingestion points: Data returned from ActiveCampaign tools. Boundary markers: None specified in the workflow instructions. Capability inventory: Includes tool execution (
RUBE_MULTI_EXECUTE_TOOL) and connection management. Sanitization: No evidence of filtering or escaping external data before use in prompts.
Audit Metadata