boloforms-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the configuration of an external MCP server at https://rube.app/mcp. This domain and its associated services (Composio) are not on the trusted sources list, meaning the integrity of the tools and instructions provided cannot be statically verified.
- COMMAND_EXECUTION (MEDIUM): The skill utilizes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to perform actions. These tools execute logic on remote environments based on schemas discovered at runtime from the external server, which could lead to unauthorized actions if the external source is compromised.
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it dynamically fetches tool schemas and instructions.
  - Ingestion points: Data returned from the RUBE_SEARCH_TOOLS call via the rube.app endpoint.
  - Boundary markers: Absent. The instructions tell the agent to 'Always search tools first' and follow the returned schemas without validation.
  - Capability inventory: Remote tool execution, connection management, and workbench operations across multiple tools.
  - Sanitization: None detected. The skill assumes the validity of the external search results.
Audit Metadata