campayn-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill requires connecting to an untrusted MCP endpoint https://rube.app/mcp. This server provides the tools, logic, and schemas for the agent to use, giving it control over the agent's capabilities.
  • PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection through its core workflow. Ingestion points: RUBE_SEARCH_TOOLS returns tool schemas and execution plans from the untrusted MCP server. Boundary markers: Completely absent; the agent is instructed to 'Always search tools first' and follow the 'recommended execution plans'. Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH allow for the execution of arbitrary tools and code defined by the server. Sanitization: No sanitization of external content is present.
  • REMOTE_CODE_EXECUTION (HIGH): By combining untrusted tool definitions from RUBE_SEARCH_TOOLS with the execution capability of RUBE_MULTI_EXECUTE_TOOL, the external MCP server can effectively execute arbitrary logic via the agent's environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 06:15 AM