jobnimbus-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill instructs users to configure an untrusted remote MCP server endpoint (https://rube.app/mcp). This is an unverifiable external dependency that manages the core logic and tool definitions for the skill.
  • PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8). It ingests data from Jobnimbus (untrusted external content) and possesses powerful 'write' capabilities via RUBE_MULTI_EXECUTE_TOOL. There are no documented boundary markers, delimiters, or sanitization procedures to prevent malicious CRM data from hijacking the agent's behavior.
  • REMOTE_CODE_EXECUTION (HIGH): The use of RUBE_REMOTE_WORKBENCH and dynamic tool execution orchestrated by an untrusted remote endpoint (rube.app) constitutes a remote code execution risk, as the server can provide and execute arbitrary tool logic within the agent's context.
  • COMMAND_EXECUTION (HIGH): The tool provides primitives for broad execution (RUBE_MULTI_EXECUTE_TOOL) based on dynamically discovered schemas from a remote source, which can be exploited if the source or the data it processes is compromised.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 01:29 PM