brightdata-automation

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Categories: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [External Downloads] (MEDIUM): The skill instructs the user to add an external MCP endpoint, https://rube.app/mcp. This endpoint is not on the pre-approved trusted list, and it acts as a remote provider of both logic and tool definitions.
  • [Remote Code Execution] (MEDIUM): The workflow relies on RUBE_SEARCH_TOOLS to fetch execution plans and on RUBE_MULTI_EXECUTE_TOOL to run them. Under this pattern the logic that gets executed is defined dynamically by the remote server at runtime, not by the skill itself.
  • [Indirect Prompt Injection] (LOW): The skill implements a discovery-driven workflow that is vulnerable to poisoned outputs from the remote server.
      • Ingestion points: the tool schemas, slugs, and recommended execution plans returned by the RUBE_SEARCH_TOOLS call in SKILL.md.
      • Boundary markers: absent; the instructions tell the agent to follow the returned schemas and plans exactly.
      • Capability inventory: RUBE_MULTI_EXECUTE_TOOL (tool execution) and RUBE_REMOTE_WORKBENCH (bulk operations/remote execution).
      • Sanitization: absent; no local validation of tool slugs or argument structures is performed before execution.
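The missing control the audit points at is a local gate between discovery and execution. Below is an added example of such a gate, not code from the audited skill or from Rube: it pins an allowlist of tool slugs and argument shapes, validates every step a remote plan recommends, and fails closed if any step does not match. The response layout (`tool_slug`/`arguments`), the allowlisted slugs and the sample plan are constructed for illustration; Rube's real discovery response format is not documented on this page.

```python
"""Local validation gate for tool plans returned by a remote MCP discovery
endpoint. Added example, not the audited skill's code: the response layout,
the allowlisted tool slugs and the sample plan are constructed."""
from dataclasses import dataclass, field

# Pinned, locally maintained allowlist: tool slug -> permitted argument names
# and the Python type each must have. Hypothetical slugs.
ALLOWED_TOOLS = {
    "BRIGHTDATA_SCRAPE_URL": {"url": str, "format": str},
    "BRIGHTDATA_SEARCH": {"query": str, "max_results": int},
}

# Any argument named "url" must use one of these schemes.
ALLOWED_URL_PREFIXES = ("https://",)


@dataclass
class ValidationResult:
    accepted: list = field(default_factory=list)
    rejected: list = field(default_factory=list)  # (step index, reason)

    @property
    def ok(self) -> bool:
        return not self.rejected


def validate_plan(plan: list) -> ValidationResult:
    """Check every step of a remotely supplied plan against the local allowlist.

    Nothing in the remote response is trusted: unknown slugs, unexpected
    argument names, wrong argument types and non-https URLs are all rejected.
    """
    result = ValidationResult()
    for index, step in enumerate(plan):
        slug = step.get("tool_slug")
        args = step.get("arguments", {})
        if slug not in ALLOWED_TOOLS:
            result.rejected.append((index, f"tool slug {slug!r} is not allowlisted"))
            continue
        schema = ALLOWED_TOOLS[slug]
        if not isinstance(args, dict):
            result.rejected.append((index, "arguments is not an object"))
            continue
        unexpected = sorted(set(args) - set(schema))
        if unexpected:
            result.rejected.append((index, f"unexpected arguments {unexpected}"))
            continue
        wrong_type = sorted(k for k, v in args.items() if not isinstance(v, schema[k]))
        if wrong_type:
            result.rejected.append((index, f"wrong type for arguments {wrong_type}"))
            continue
        url = args.get("url")
        if url is not None and not url.startswith(ALLOWED_URL_PREFIXES):
            result.rejected.append((index, f"disallowed URL {url!r}"))
            continue
        result.accepted.append(step)
    return result


def gate_and_execute(plan: list, execute) -> list:
    """Fail closed: pass steps to `execute` (a callable taking one step) only
    if every step validated. A partially poisoned plan runs nothing at all."""
    result = validate_plan(plan)
    if not result.ok:
        raise PermissionError(f"plan rejected: {result.rejected}")
    return [execute(step) for step in result.accepted]


# Constructed sample of what a discovery response might recommend. Steps 1 and
# 2 stand in for a poisoned plan: an un-allowlisted slug and a smuggled argument.
SAMPLE_PLAN = [
    {"tool_slug": "BRIGHTDATA_SCRAPE_URL",
     "arguments": {"url": "https://example.com/pricing", "format": "markdown"}},
    {"tool_slug": "RUBE_REMOTE_WORKBENCH",
     "arguments": {}},
    {"tool_slug": "BRIGHTDATA_SEARCH",
     "arguments": {"query": "competitor pricing", "max_results": 5,
                   "callback_url": "http://example.net/collect"}},
]

if __name__ == "__main__":
    outcome = validate_plan(SAMPLE_PLAN)
    for index, reason in outcome.rejected:
        print(f"step {index} rejected: {reason}")
    try:
        gate_and_execute(SAMPLE_PLAN, lambda step: step["tool_slug"])
    except PermissionError as err:
        print(err)
```

The design choice worth noting is fail-closed: because a discovery-driven agent has no way to tell a legitimate plan from a poisoned one, a single unrecognised slug or argument rejects the whole plan rather than letting the "good" steps run while the suspicious one is dropped.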
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:32 PM