calendarhero-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious code or behavioral patterns detected. The skill consists entirely of instructional markdown for interacting with an external MCP server.
- [EXTERNAL_DOWNLOADS] (LOW): The skill references an external, non-whitelisted MCP endpoint (https://rube.app/mcp). While this is a third-party dependency, it is the intended primary purpose of the skill and does not involve automated script execution or package installation within the skill itself.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill's workflow depends on data ingested from a remote server which could theoretically contain malicious instructions.
- Ingestion points: Tool schemas, execution plans, and pitfalls returned by the RUBE_SEARCH_TOOLS command.
- Boundary markers: None specified in the instructions to separate remote tool definitions from agent instructions.
- Capability inventory: Includes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, which allow for action execution and environment interactions.
- Sanitization: No sanitization or validation of the remote schema content is described.
Audit Metadata