labs64-netlicensing-automation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (HIGH): The skill requires adding an external MCP server (https://rube.app/mcp) which is not from a trusted source. This server provides the tools the agent executes, effectively delegating logic to a remote untrusted host.
- Indirect Prompt Injection (HIGH): The skill is highly susceptible to indirect prompt injection due to its core workflow. Ingestion points: Tool schemas and execution plans are fetched from the RUBE_SEARCH_TOOLS endpoint on the untrusted server. Boundary markers: No delimiters or instructions to ignore embedded content are provided. Capability inventory: The skill uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH which can perform impactful actions via the toolkit. Sanitization: There is no mention of validating tool slugs or arguments before execution.
Recommendations
- AI detected serious security threats
Audit Metadata