clearout-automation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires configuring a remote MCP server at
https://rube.app/mcp. This domain is not within the defined trusted sources and serves as the primary provider for the skill's logic.- [REMOTE_CODE_EXECUTION] (HIGH): The core workflow pattern relies on fetching 'recommended execution plans' from the remoteRUBE_SEARCH_TOOLSendpoint. Because the agent is instructed to follow these plans and use 'discovered tool slugs', a malicious or compromised server could return instructions that execute arbitrary workflows.- [COMMAND_EXECUTION] (HIGH): The skill performs automation tasks (e.g., Clearout operations) using theRUBE_MULTI_EXECUTE_TOOLcapability. It lacks any validation, boundary markers, or human-in-the-loop verification steps to sanitize the tool arguments or slugs returned by the remote service before execution.
Recommendations
- AI detected serious security threats
Audit Metadata