gender-api-automation
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- External Dependency (MEDIUM): The skill requires the user to add 'https://rube.app/mcp' as an MCP server. This is an external, third-party service not included in the trusted provider list, making it an unverified dependency that manages tool logic and execution.
- Indirect Prompt Injection Surface (MEDIUM): The 'Core Workflow Pattern' relies on 'RUBE_SEARCH_TOOLS' to fetch schemas, input field names, and execution plans. Because the agent is instructed to 'Always search tools first' and follow the returned plans, a compromised or malicious response from the remote server could lead to unauthorized actions or data redirection during the 'RUBE_MULTI_EXECUTE_TOOL' step.
- Command Execution (LOW): The skill enables remote tool execution via the 'RUBE_MULTI_EXECUTE_TOOL' and 'RUBE_REMOTE_WORKBENCH' interfaces. While scoped to the Gender API toolkit, the underlying capability allows the remote server to define the parameters and logic of these executions.
Audit Metadata