fidel-api-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires users to configure https://rube.app/mcp as an MCP server. This endpoint is an external, untrusted source that provides the tool definitions and operational logic used by the agent.
  • COMMAND_EXECUTION (HIGH): The skill utilizes RUBE_MULTI_EXECUTE_TOOL to perform actions. Because the tool slugs and arguments are derived dynamically from RUBE_SEARCH_TOOLS results at runtime, the agent is vulnerable to executing malicious or unintended commands provided by the remote server.
  • REMOTE_CODE_EXECUTION (HIGH): The usage of RUBE_REMOTE_WORKBENCH with run_composio_tool() enables the execution of remote workloads on Composio infrastructure. When combined with dynamic tool discovery, this presents a high risk for remote logic execution guided by untrusted input.
  • INDIRECT_PROMPT_INJECTION (HIGH): (Category 8) The core workflow mandates calling RUBE_SEARCH_TOOLS to get 'recommended execution plans' and schemas. This untrusted data directly influences the agent's behavior and capability inventory, serving as a primary vector for instructions that could override safety constraints or exfiltrate data via Fidel API operations.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:57 PM