callerapi-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, NO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill implements a workflow where the agent must dynamically fetch schemas and execution plans from a remote source and follow them.
  • Ingestion points: Results from RUBE_SEARCH_TOOLS (tool slugs, schemas, and execution plans) provided by the rube.app endpoint.
  • Boundary markers: Absent; there are no instructions to validate or sanitize the metadata returned by the search tool.
  • Capability inventory: High-capability tools like RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH are used to execute actions based on the ingested data.
  • Sanitization: Absent; the instructions mandate using exact field names and types from the search results without verification.
  • External Dependency (LOW): The skill requires the use of an external MCP server (https://rube.app/mcp) that is not listed as a trusted source. The security of the workflows depends entirely on the integrity of this third-party service.
  • No Code (SAFE): The skill consists entirely of markdown instructions and metadata, containing no Python, JavaScript, or shell scripts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:33 PM