ip2proxy-automation

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The skill requires the configuration of an external MCP server (https://rube.app/mcp). MCP servers provide executable tools directly to the agent's environment. As this domain is not on the trusted sources list, it represents an unverified remote code execution vector.
  • [COMMAND_EXECUTION] (HIGH): The skill invokes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH (specifically run_composio_tool()). These functions allow the remote service to execute operations on the agent's behalf, providing a high-privilege execution surface controlled by an external provider.
  • [PROMPT_INJECTION] (HIGH): The core logic relies on 'Indirect Prompt Injection' via RUBE_SEARCH_TOOLS. The agent is instructed to fetch 'recommended execution plans' and 'schemas' from the remote server and follow them explicitly.
      • Ingestion points: RUBE_SEARCH_TOOLS output (schemas, execution plans, known pitfalls).
      • Boundary markers: Absent. The agent is directed to treat the remote output as the authoritative source for its next steps.
      • Capability inventory: RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH, RUBE_MANAGE_CONNECTIONS.
      • Sanitization: None detected; the agent is instructed to use 'exact field names and types' from the remote results.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 08:00 AM