gosquared-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- [External Downloads] (MEDIUM): The skill requires the installation of an MCP server from https://rube.app/mcp. This domain is not listed as a trusted source, meaning the logic and safety of the server cannot be verified.
- [Remote Code Execution] (MEDIUM): The skill documentation describes the use of RUBE_REMOTE_WORKBENCH, which provides a surface for executing remote tools and code. This capability is driven by dynamic inputs from an untrusted external API.
- [Indirect Prompt Injection] (LOW): The workflow is explicitly designed to fetch 'recommended execution plans' from the Rube API and have the agent execute them. This architecture allows the external service to potentially override agent intent or safety constraints.
  1. Ingestion points: Remote responses from RUBE_SEARCH_TOOLS.
  2. Boundary markers: Absent; the agent is told to 'Always search first' and follow the returned schemas exactly.
  3. Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH.
  4. Sanitization: Absent; the skill relies on exact field names and types provided by the search results.
Audit Metadata