fixer-automation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
- [External Downloads] (HIGH): The skill configures a connection to an untrusted external endpoint, https://rube.app/mcp, which is not on the trusted source list.
- [Indirect Prompt Injection] (HIGH): The skill fetches 'recommended execution plans' and schemas from an external server via RUBE_SEARCH_TOOLS, which can be manipulated to inject malicious instructions. Ingestion point: RUBE_SEARCH_TOOLS; Boundary markers: None; Capability: RUBE_MULTI_EXECUTE_TOOL; Sanitization: None.
- [Remote Code Execution] (HIGH): The skill enables execution of tools defined and structured by the remote service via RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, providing a path for remote command execution based on third-party instructions.
Recommendations
- AI detected serious security threats
Audit Metadata