Skills
skills/composiohq/awesome-claude-skills/bookingmood-automation/Gen Agent Trust Hub

bookingmood-automation

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the addition of an external MCP server (https://rube.app/mcp) which is not on the trusted organizations list. This creates a dependency on an unverified third-party service.
  • REMOTE_CODE_EXECUTION (MEDIUM): The skill uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to execute tools based on schemas and execution plans retrieved at runtime from the remote Rube server.
  • COMMAND_EXECUTION (MEDIUM): The capabilities provided, such as connection management and run_composio_tool(), allow for high-impact operations on the Bookingmood platform.
  • PROMPT_INJECTION (LOW): The skill has an indirect prompt injection surface. 1. Ingestion points: Tool definitions and schemas from RUBE_SEARCH_TOOLS. 2. Boundary markers: Absent; there are no instructions to the agent to treat external schema metadata as untrusted. 3. Capability inventory: Execution of arbitrary tools and remote workbench access. 4. Sanitization: Absent; the skill trusts the remote server's response for argument schemas and use-case plans.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:32 PM