alpha-vantage-automation

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (MEDIUM): The skill requires the user to add an external, untrusted MCP server endpoint at https://rube.app/mcp. This host is not on the trusted sources list and governs all tool logic and execution instructions provided to the agent.
  • Indirect Prompt Injection (MEDIUM): This skill exhibits a significant attack surface for indirect injection.
      • Ingestion points: Untrusted data enters the context via RUBE_SEARCH_TOOLS (which returns schemas from the untrusted server) and Alpha Vantage API responses.
      • Boundary markers: None identified in the provided instructions; data is processed directly.
      • Capability inventory: Includes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, providing significant execution power over ingested data.
      • Sanitization: No sanitization or validation of the remote tool schemas or API responses is mentioned.
  • Dynamic Execution (MEDIUM): The skill references RUBE_REMOTE_WORKBENCH and run_composio_tool(), which implies a remote execution environment. Executing code or complex tool chains in a remote, untrusted environment poses a risk of environment breakout or data exposure.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 08:06 AM