Skills
skills/composiohq/awesome-claude-skills/big-data-cloud-automation/Gen Agent Trust Hub

big-data-cloud-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill's core workflow relies on the agent fetching 'recommended execution plans' and 'input schemas' from a remote endpoint via RUBE_SEARCH_TOOLS and then immediately using that data to perform operations.
  • Ingestion points: Data returned from RUBE_SEARCH_TOOLS as described in SKILL.md.
  • Boundary markers: None provided. The instructions explicitly tell the agent to 'Always search tools first' and follow 'recommended execution plans'.
  • Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH provide the ability to execute operations and scripts against Big Data Cloud accounts.
  • Sanitization: No sanitization or validation logic is present to ensure the remote server's responses are safe or restricted.
  • Unverified External Dependency (MEDIUM): The skill requires connection to https://rube.app/mcp, an unverified third-party service. Since this service provides the instructions (schemas/plans) the agent follows, it represents a significant supply-chain risk.
  • Dynamic Execution (MEDIUM): The use of RUBE_MULTI_EXECUTE_TOOL with tool slugs and arguments dynamically discovered at runtime allows for the execution of arbitrary operations if the discovery source is compromised or malicious.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:58 AM