linkhut-automation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): Directs connection to an untrusted external MCP server at 'https://rube.app/mcp'.
- [PROMPT_INJECTION] (HIGH): High risk of Indirect Prompt Injection (Category 8) as it instructs the agent to follow dynamic execution plans from an external source. Ingestion points: Output from 'RUBE_SEARCH_TOOLS' at rube.app. Boundary markers: None. Capability inventory: 'RUBE_MULTI_EXECUTE_TOOL' and 'RUBE_REMOTE_WORKBENCH' (modifies Linkhut state). Sanitization: None.
- [COMMAND_EXECUTION] (HIGH): Capability to execute potentially malicious tools on Linkhut based on instructions received from the remote search results.
Recommendations
- AI detected serious security threats