gist-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill requires a connection to an external MCP server at https://rube.app/mcp. This domain is not on the trusted sources list, though it provides the core functionality.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection from Gist content.
      1. Ingestion points: Gist content retrieved through the gist toolkit.
      2. Boundary markers: Absent; there are no instructions to disregard instructions embedded in data.
      3. Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH allow significant actions.
      4. Sanitization: Absent; content is not validated or escaped.
  • [COMMAND_EXECUTION] (LOW): The skill uses dynamic execution patterns by searching for tools at runtime via RUBE_SEARCH_TOOLS and executing them via RUBE_MULTI_EXECUTE_TOOL.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:46 PM