feathery-automation

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill processes untrusted data from the Feathery platform and possesses the capability to execute actions via RUBE_MULTI_EXECUTE_TOOL. This creates a path for malicious data within Feathery to influence or hijack agent behavior.
      • Ingestion points: Data retrieved from Feathery via Rube MCP tools.
      • Boundary markers: Absent; there are no instructions to the agent to disregard instructions embedded within the retrieved Feathery data.
      • Capability inventory: Execution of discovered tools (RUBE_MULTI_EXECUTE_TOOL), management of connections (RUBE_MANAGE_CONNECTIONS), and bulk operations via a remote workbench (RUBE_REMOTE_WORKBENCH).
      • Sanitization: No sanitization or validation of external content is mentioned before it is processed or used in downstream tool calls.
  • [Remote Code Execution / External Downloads] (MEDIUM): The skill requires the user to add an external, third-party MCP server (https://rube.app/mcp). This server dynamically provides the tool schemas and execution logic at runtime. Since this source is not on the provided trusted list, it represents an unverifiable dependency that controls the agent's available tools.
  • [Command Execution] (MEDIUM): The use of RUBE_REMOTE_WORKBENCH and RUBE_MULTI_EXECUTE_TOOL allows for the execution of arbitrary operations defined by the remote MCP server, which may include sensitive data manipulation or environment interaction.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 12:20 PM