better-proposals-automation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill uses a pattern where it fetches tool definitions and execution plans from an external source (RUBE_SEARCH_TOOLS) and immediately acts upon them using RUBE_MULTI_EXECUTE_TOOL.
  - Ingestion points: External tool schemas and pitfalls returned by the Rube MCP server.
  - Boundary markers: None identified; the agent is instructed to use the returned data directly.
  - Capability inventory: Includes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, which can perform state-changing operations on a 'Better Proposals' account.
  - Sanitization: No logic is present to sanitize or validate the integrity of the tool slugs or arguments returned from the remote server before execution.
- [Dynamic Execution] (MEDIUM): The skill mandates the discovery of tools at runtime. This 'search-first' requirement means the capabilities of the agent are not fixed and are determined by the remote MCP server at the time of execution, effectively allowing for dynamic command generation.
- [External Downloads] (MEDIUM): The skill directs the user to add an external MCP endpoint (https://rube.app/mcp). This endpoint is not within the provided list of trusted sources and acts as the primary controller for the agent's logic and tool schemas.
Recommendations
- AI detected serious security threats
Audit Metadata