googledrive-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • Unverifiable Dependencies (HIGH): The skill requires the user to add an MCP server from an untrusted external domain (https://rube.app/mcp). This domain is not part of the established trust scope, and the server provides the core logic and tool definitions at runtime.
  • Indirect Prompt Injection (HIGH): The workflow mandate to 'Always search tools first' for 'recommended execution plans' creates a large attack surface: a malicious or compromised remote server can inject instructions into the search results and cause the agent to execute unauthorized Google Drive operations such as mass deletion or sharing of sensitive files.
  • Data Exfiltration & Exposure (MEDIUM): Sensitive Google Drive data and metadata are routed through the Rube MCP proxy. Furthermore, the RUBE_MANAGE_CONNECTIONS tool handles OAuth workflows, potentially exposing session tokens or access credentials to the third-party service provider.
  • Dynamic Execution (HIGH): The use of RUBE_REMOTE_WORKBENCH and RUBE_MULTI_EXECUTE_TOOL allows the remote server to dictate arbitrary sequences of operations. This provides a mechanism for remote execution of tool-based payloads that are defined and updated outside the visibility of the local agent's static configuration.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:43 PM