logo-dev-automation

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the addition of an external MCP server endpoint (https://rube.app/mcp) and references documentation/toolkits from composio.dev. Neither domain is included in the provided Trusted External Sources list.
  • REMOTE_CODE_EXECUTION (MEDIUM): The workflow involves executing tools discovered at runtime via RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH. The logic for these tools is hosted on and defined by the external MCP server.
  • PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8).
    ◦ Ingestion points: Tool schemas, slugs, and execution plans are ingested from the RUBE_SEARCH_TOOLS output from an external server.
    ◦ Boundary markers: Absent. The agent is explicitly instructed to follow the schema and execution plans returned by the tool search without validation.
    ◦ Capability inventory: Includes multi-tool execution and a remote workbench for bulk operations.
    ◦ Sanitization: None described. The agent is directed to use exact field names and types provided by the untrusted search results.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:49 PM