coinmarketcal-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [External Downloads] (LOW): The skill requires the user to add an external MCP endpoint https://rube.app/mcp. This domain is not listed as a trusted external source, though it is necessary for the skill's primary function.
  • [Remote Code Execution] (LOW): The skill uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to execute tasks on remote infrastructure. While this is the intended purpose, it grants the agent the ability to perform actions in a remote environment based on external input.
  • [Prompt Injection] (LOW): The skill is vulnerable to indirect prompt injection (Category 8).
      • Ingestion points: Tool schemas and execution plans are fetched dynamically from the RUBE_SEARCH_TOOLS endpoint and external API responses.
      • Boundary markers: None provided; the instructions tell the agent to follow the returned schemas and arguments exactly.
      • Capability inventory: Remote execution capabilities via RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH.
      • Sanitization: No sanitization or validation of the remote tool schemas is performed before execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:32 PM