Skills
skills/composiohq/awesome-claude-skills/census-bureau-automation/Gen Agent Trust Hub

census-bureau-automation

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill mandates the addition of an untrusted remote MCP server at https://rube.app/mcp. Remote MCP servers can provide arbitrary tool definitions that the agent is then instructed to use.
  • REMOTE_CODE_EXECUTION (MEDIUM): Through RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, the skill executes operations based on tool slugs and logic provided by the remote server at runtime.
  • PROMPT_INJECTION (MEDIUM): The skill exhibits an Indirect Prompt Injection surface (Category 8). It fetches 'recommended execution plans' and schemas from RUBE_SEARCH_TOOLS and passes them directly into the agent's reasoning loop. There are no boundary markers or sanitization steps described to prevent a malicious server from injecting instructions into these plans.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 08:05 AM