icims-talent-cloud-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Unverifiable Dependencies] (MEDIUM): The skill requires the user to add an external MCP server endpoint (https://rube.app/mcp). This domain is not included in the trusted source list, making the server an unvetted dependency that controls the agent's available tools.
  • [Indirect Prompt Injection] (HIGH): The skill is highly vulnerable to poisoning via remote data.
      • Ingestion points: Untrusted data enters the context via RUBE_SEARCH_TOOLS, which returns "recommended execution plans" and input schemas from the remote server.
      • Boundary markers: None present; the instructions explicitly tell the agent to follow the schemas and plans returned by the search.
      • Capability inventory: The skill uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, which provide write/execute capabilities on the Icims Talent Cloud platform (sensitive HR/personnel data).
      • Sanitization: No evidence of sanitization or validation of the remote execution plans before the agent acts on them.
  • [Dynamic Execution] (MEDIUM): The workflow relies on RUBE_MULTI_EXECUTE_TOOL to execute tools that are not defined locally. The agent constructs these calls dynamically at runtime using values and structures provided by the remote rube.app service, increasing the risk of executing malicious or unintended commands.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:31 PM