GroqCloud Automation

Warn

Audited by Gen Agent Trust Hub on Feb 14, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • External Downloads (MEDIUM): The skill connects to a remote MCP server at https://rube.app/mcp. This is an external dependency from an unverified source, creating a risk of unauthorized code execution or data exposure via the third-party bridge.
  • Prompt Injection (MEDIUM): The skill is vulnerable to indirect prompt injection due to its processing of untrusted external content.
  • Ingestion points: Untrusted data enters the agent via the messages parameter in GROQCLOUD_GROQ_CREATE_CHAT_COMPLETION and via the file_path parameter (which supports HTTP URLs) in GROQCLOUD_GROQ_CREATE_AUDIO_TRANSLATION.
  • Boundary markers: There are no delimiters or instructions provided to the agent to treat this data as untrusted or to ignore embedded instructions.
  • Capability inventory: The skill generates AI responses used for agent reasoning and can perform network requests to fetch external audio files, potentially allowing for data exfiltration or SSRF if given a malicious URL.
  • Sanitization: No input validation, escaping, or filtering is performed on the ingested content.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 14, 2026, 12:20 PM