Skills
skills/composiohq/awesome-claude-skills/google_maps-automation/Gen Agent Trust Hub

google_maps-automation

Warn

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill relies on an external, unvetted MCP server endpoint (https://rube.app/mcp) to provide its core functionality.
  • [REMOTE_CODE_EXECUTION] (MEDIUM): The skill documentation explicitly describes using RUBE_REMOTE_WORKBENCH to execute dynamic logic, such as Python loops and ThreadPoolExecutor, which constitutes remote code execution.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it processes data from external Google Maps API tools (like place names or search results) which could contain adversarial content. * Ingestion points: Tool outputs from geocoding, place search, and directions tools. * Boundary markers: None provided in the skill instructions. * Capability inventory: Access to remote code execution (Workbench) and Google Maps API operations. * Sanitization: No sanitization or validation of the ingested external data is mentioned.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 18, 2026, 01:44 AM