d2lbrightspace-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill processes data from D2L Brightspace (a Learning Management System), which often contains student-generated or external content, creating a significant injection surface.
      * Ingestion points: tools reading course modules, forum posts, or assignment submissions.
      * Boundary markers: none; the skill provides no instructions for the agent to distinguish between tool data and instructions.
      * Capability inventory: RUBE_MULTI_EXECUTE_TOOL allows data modification, and RUBE_REMOTE_WORKBENCH allows remote bulk operations.
      * Sanitization: none present.
  • External Downloads (HIGH): The skill requires connecting to an unverified external MCP server (https://rube.app/mcp). This server provides the tool definitions and execution logic. This is not a trusted source according to security policy.
  • Remote Code Execution (HIGH): Through the RUBE_REMOTE_WORKBENCH and run_composio_tool() functions, the skill facilitates execution of operations in a remote environment managed by a third party, which could be exploited to run unauthorized commands if the session is compromised via injection.
  • Command Execution (MEDIUM): The use of RUBE_MULTI_EXECUTE_TOOL enables the agent to perform a wide range of actions on the connected LMS platform, including potential administrative or sensitive data operations based on the user's connection permissions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:19 PM