hystruct-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to call RUBE_SEARCH_TOOLS / RUBE_GET_TOOL_SCHEMAS against an external MCP endpoint (e.g., https://rube.app/mcp and composio.dev/toolkits/hystruct) and to read the returned tool slugs, input schemas and execution plans as part of its workflow, which exposes it to untrusted third‑party content that could contain indirect prompt injection.