esputnik-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references an external MCP endpoint (rube.app/mcp) and documentation for the Composio toolkit. These are standard integration points for MCP-compatible agents and do not involve malicious code execution.
- [PROMPT_INJECTION] (SAFE): The instructions are purely functional and do not attempt to override the agent's safety guidelines or system instructions.
- [DATA_EXFILTRATION] (SAFE): No evidence of sensitive data access or exfiltration. Authentication is managed through the tool's native connection management system.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill relies on dynamic tool discovery through RUBE_SEARCH_TOOLS. As it ingests data from an external MCP server to define its capabilities, it technically has an ingestion surface for indirect prompt injection, but this is a standard feature of the MCP architecture and no malicious exploitation is present.