beaconstac-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
  • [External Downloads] (LOW): The skill requires the configuration of an external MCP server at https://rube.app/mcp. This source is not on the predefined trusted list, meaning the tools and logic it provides are unverifiable.
  • [Indirect Prompt Injection] (LOW): The workflow relies on dynamically fetching tool schemas and execution plans from the remote server via RUBE_SEARCH_TOOLS and then executing them. This architecture is susceptible to tool output poisoning if the external server returns malicious instructions.
      • Ingestion points: RUBE_SEARCH_TOOLS API responses.
      • Boundary markers: Absent; the skill instructs the agent to use discovered schemas directly.
      • Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH provide broad operational capabilities, including remote execution of tasks.
      • Sanitization: None; the instructions emphasize exact field name compliance from the untrusted search results without validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:31 PM