axonaut-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill configuration requires the user to add
https://rube.app/mcpas an MCP server. This domain is not within the defined trusted source scope. Per the priority rule for primary purpose, this finding is classified as LOW. - [PROMPT_INJECTION] (LOW): The skill implements a dynamic discovery pattern (Category 8) that retrieves instructions from a remote source via
RUBE_SEARCH_TOOLS. Evidence: 1. Ingestion points: The response fromRUBE_SEARCH_TOOLScontaining tool schemas and execution plans; 2. Boundary markers: No delimiters or ignore-instructions warnings are used; 3. Capability inventory:RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCHprovide the ability to act on the remote instructions; 4. Sanitization: No sanitization of the remote tool definitions is mentioned or enforced.
Audit Metadata