Skills
skills/composiohq/awesome-claude-skills/google_classroom-automation/Gen Agent Trust Hub

google_classroom-automation

Warn

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires connecting to an external MCP server at https://rube.app/mcp. This domain is not on the trusted sources list and acts as a gateway for all tool schemas and executions.
  • COMMAND_EXECUTION (MEDIUM): The skill utilizes RUBE_REMOTE_WORKBENCH for bulk operations and data processing. This function allows for remote execution of logic and tool calls, which bypasses local environment controls.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection because it processes untrusted data from Google Classroom (assignments, announcements, and rosters).
  • Ingestion points: Data retrieved from Google Classroom via tools discovered through RUBE_SEARCH_TOOLS.
  • Boundary markers: Absent; the instructions do not specify any delimiters to separate classroom content from agent instructions.
  • Capability inventory: RUBE_MULTI_EXECUTE_TOOL (write/modify classroom data) and RUBE_REMOTE_WORKBENCH (remote data processing).
  • Sanitization: Absent; there is no mention of filtering or sanitizing classroom content before it is processed by the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 18, 2026, 01:43 AM