kaggle-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill requires an active Kaggle connection (via RUBE_MANAGE_CONNECTIONS with toolkit "kaggle") and runs toolkit calls (e.g., RUBE_MULTI_EXECUTE_TOOL) to perform Kaggle operations, which entails fetching and interpreting user-generated, public Kaggle content (datasets/notebooks/posts) from a third-party site.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires adding and using the MCP server at https://rube.app/mcp at runtime (via RUBE_SEARCH_TOOLS, RUBE_MANAGE_CONNECTIONS, RUBE_MULTI_EXECUTE_TOOL), which fetches tool schemas and recommended execution plans that directly control agent prompts/arguments and trigger remote tool execution.