hyperise-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- External Downloads (LOW): The skill directs users to add an external MCP server from https://rube.app/mcp. This domain is not on the trusted list.
- Prompt Injection (LOW): The skill relies on RUBE_SEARCH_TOOLS to fetch tool schemas and execution plans at runtime from an external source. This creates an indirect prompt injection surface where the external server could influence agent behavior. 1. Ingestion points: RUBE_SEARCH_TOOLS results. 2. Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH. 3. Sanitization: None identified; the skill instructs following search results exactly.
Audit Metadata