Skills
skills/composiohq/awesome-claude-skills/ko-fi-automation/Gen Agent Trust Hub

ko-fi-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
  • [External Downloads] (LOW): The skill references an external MCP server endpoint (https://rube.app/mcp). While this is a known service for the Composio ecosystem, the domain is not included in the pre-approved trusted source list.
  • [Prompt Injection] (LOW): The skill's architecture is susceptible to Indirect Prompt Injection (Category 8).
  • Ingestion points: The workflow relies on RUBE_SEARCH_TOOLS and RUBE_GET_TOOL_SCHEMAS to fetch executable tool definitions from a remote server.
  • Boundary markers: There are no delimiters or specific instructions for the agent to ignore potentially malicious content within the fetched tool schemas.
  • Capability inventory: The skill utilizes RUBE_MULTI_EXECUTE_TOOL which can perform write actions (e.g., Ko-Fi operations) on behalf of the user.
  • Sanitization: The skill does not implement or describe sanitization of the remote tool definitions before they are used for execution.
  • [No Code] (SAFE): The skill consists entirely of documentation and metadata; it does not ship with scripts, binaries, or package manifest files.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:42 PM