cloudpress-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): Directs users to add 'https://rube.app/mcp' as an MCP server. This domain is not in the trusted organizations or repositories list. Adding unverified MCP endpoints allows external providers to define tool behavior and potentially execute arbitrary logic within the agent session.
- PROMPT_INJECTION (LOW): High surface area for Indirect Prompt Injection (Category 8). The workflow relies on 'RUBE_SEARCH_TOOLS' to provide execution schemas and plans which the agent then follows.
  - Ingestion points: Tool schemas and execution plans from 'RUBE_SEARCH_TOOLS' (external data).
  - Boundary markers: Absent; instructions suggest trusting search results for current schemas.
  - Capability inventory: Includes 'RUBE_MULTI_EXECUTE_TOOL' and 'RUBE_REMOTE_WORKBENCH', which can perform complex operations.
  - Sanitization: Absent; no validation or escaping of the search results is specified before they are used in execution.
Audit Metadata