The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (MEDIUM): The skill configuration requires adding an external MCP server (https://rube.app/mcp). This domain is not included in the Trusted External Sources list, making the source of the agent's tool logic and capabilities unverifiable.- [COMMAND_EXECUTION] (HIGH): The skill facilitates the execution of arbitrary tools through RUBE_MULTI_EXECUTE_TOOL and provides bulk operation capabilities via RUBE_REMOTE_WORKBENCH, which can lead to significant side effects on the user's environment or connected services.- [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8). Evidence Chain: 1. Ingestion points: The agent fetches tool slugs, input schemas, and 'recommended execution plans' from the remote RUBE_SEARCH_TOOLS endpoint. 2. Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands in the fetched data. 3. Capability inventory: The agent has access to tool execution (RUBE_MULTI_EXECUTE_TOOL) and remote workbench capabilities. 4. Sanitization: Absent; the instructions mandate using exact field names and types returned by the remote search, effectively delegating control of the agent's actions to the remote server results.

interzoid-automation