mailboxlayer-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Dynamic Execution (MEDIUM): The skill uses RUBE_SEARCH_TOOLS to fetch schemas and RUBE_MULTI_EXECUTE_TOOL to execute them. This runtime discovery pattern allows agent behavior to be influenced by external data.
- External Reference (MEDIUM): The skill directs users to add https://rube.app/mcp as an MCP server. This domain is not on the trusted list for dependencies.
- Indirect Prompt Injection (LOW): The skill ingests untrusted metadata from the RUBE_SEARCH_TOOLS tool. 1. Ingestion points: RUBE_SEARCH_TOOLS response; 2. Boundary markers: Absent; 3. Capability inventory: RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH; 4. Sanitization: Absent.
Audit Metadata