hotspotsystem-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill configures a connection to a remote MCP server at
https://rube.app/mcp. Although this is essential for the skill's primary purpose, the domain is not included in the trusted source list. - PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) due to its reliance on dynamic tool metadata. * Ingestion points: Untrusted tool schemas and execution plans are ingested via the
RUBE_SEARCH_TOOLScommand. * Boundary markers: No explicit boundary markers or instructions to ignore embedded commands within tool schemas are present. * Capability inventory: The skill possesses significant capabilities includingRUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCH. * Sanitization: There is no evidence of sanitization or validation of the remote tool descriptions before they are processed by the agent.
Audit Metadata