amara-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill requires the configuration of an external MCP server at 'https://rube.app/mcp'. This host is not on the list of trusted providers (e.g., Anthropic, OpenAI, Google).
- [REMOTE_CODE_EXECUTION] (LOW): Tools are executed remotely via 'RUBE_MULTI_EXECUTE_TOOL'. The specific logic and behavior of these tools are defined by the remote MCP server at runtime.
- [COMMAND_EXECUTION] (LOW): The skill facilitates the execution of remote 'Amara' toolkit operations, which are effectively commands managed by the Composio platform.
- [PROMPT_INJECTION] (LOW): The agent is instructed to use 'RUBE_SEARCH_TOOLS' to determine its own execution plan. Malicious data returned in tool schemas or descriptions from the remote server could influence agent behavior. Evidence Chain: 1. Ingestion point: RUBE_SEARCH_TOOLS output. 2. Boundary markers: Absent. 3. Capability inventory: RUBE_MULTI_EXECUTE_TOOL. 4. Sanitization: Not specified.
Audit Metadata