giphy-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill directs the agent to connect to Composio's Giphy toolkit (via RUBE_MANAGE_CONNECTIONS and RUBE_MULTI_EXECUTE_TOOL using the rube.app/mcp endpoint and composio.dev/toolkits/giphy) to query and retrieve Giphy search results (public, user-generated GIFs and metadata), which are untrusted third‑party content the agent is expected to read/interpret.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires connecting to the Rube MCP server at https://rube.app/mcp at runtime and uses RUBE_SEARCH_TOOLS and RUBE_MULTI_EXECUTE_TOOL to fetch tool schemas/recommendations and execute remote tools, meaning remote content can control agent instructions and trigger remote code execution.