giphy-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill requires users to add an external MCP server endpoint (
https://rube.app/mcp). This domain is not listed as a trusted organization or repository. - REMOTE_CODE_EXECUTION (MEDIUM): The workflow utilizes
RUBE_REMOTE_WORKBENCHandRUBE_MULTI_EXECUTE_TOOL, which allows for the execution of tools and potentially scripts on a remote infrastructure managed by a third party. - DYNAMIC_EXECUTION (MEDIUM): The skill mandates a 'search-first' approach using
RUBE_SEARCH_TOOLSto fetch schemas and execution plans. This allows the remote server to dynamically define the agent's behavior and tool parameters at runtime. - INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted data from Giphy and the Rube MCP server.
- Ingestion points: Data enters the context via
RUBE_SEARCH_TOOLSresponses and Giphy toolkit outputs. - Boundary markers: None. The instructions do not specify delimiters to separate tool output from instructions.
- Capability inventory: The skill can execute multiple tools and access a remote workbench via
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCH. - Sanitization: There is no evidence of sanitization or validation of the schemas or data returned by the remote service.
Audit Metadata