Skills
skills/composiohq/awesome-claude-skills/lmnt-automation/Gen Agent Trust Hub

lmnt-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill mandates connection to an unverified external MCP server at https://rube.app/mcp. This domain is not on the trusted sources list, posing a supply chain risk.
  • [PROMPT_INJECTION] (HIGH): The core workflow requires fetching schemas from the external server via RUBE_SEARCH_TOOLS and using them to populate RUBE_MULTI_EXECUTE_TOOL. Because there are no boundary markers or sanitization steps, and the skill explicitly tells the agent to use exact field names from the remote response, it is highly vulnerable to Tool Output Poisoning (Indirect Prompt Injection).
  • [COMMAND_EXECUTION] (MEDIUM): The skill enables remote tool execution and workbench operations through the MCP interface based on externally supplied logic.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:34 PM