Facebook Automation
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- Prompt Injection (LOW): The skill is susceptible to indirect prompt injection. Ingestion points: Data enters through FACEBOOK_GET_CONVERSATION_MESSAGES and FACEBOOK_GET_PAGE_POSTS. Boundary markers: None specified to distinguish data from instructions. Capability inventory: Write access via FACEBOOK_CREATE_POST, FACEBOOK_SEND_MESSAGE, and FACEBOOK_UPLOAD_VIDEO. Sanitization: None described for external content.
- Data Exposure & Exfiltration (LOW): The skill connects to an external MCP endpoint https://rube.app/mcp and handles sensitive Facebook Page access tokens and private message content. While these operations are required for the skill's functionality, they represent a data exposure surface.
Audit Metadata