customjs-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill instructs the agent to connect to an external MCP server at https://rube.app/mcp. This domain is not part of the trusted organization list, making it an unverifiable external dependency.
  • [COMMAND_EXECUTION] (LOW): The skill utilizes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to perform operations. These capabilities are triggered based on schemas provided by the external MCP server.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill ingests untrusted data from RUBE_SEARCH_TOOLS to determine tool slugs and execution plans.
      • Ingestion points: Data returned by RUBE_SEARCH_TOOLS and RUBE_GET_TOOL_SCHEMAS in SKILL.md.
      • Boundary markers: Absent. The skill does not provide instructions to the agent to treat schemas or execution plans as potentially malicious.
      • Capability inventory: RUBE_MULTI_EXECUTE_TOOL (tool execution), RUBE_REMOTE_WORKBENCH (remote execution environment).
      • Sanitization: Absent. The agent is instructed to follow the 'exact field names' and 'recommended execution plans' provided by the external tool.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:34 PM