Skills
skills/composiohq/awesome-claude-skills/mem0-automation/Gen Agent Trust Hub

mem0-automation

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the user to add an external MCP server endpoint (https://rube.app/mcp). While this is the official endpoint for the Rube service, it is not a predefined 'Trusted Source', meaning the integrity of the tools provided depends entirely on the third-party provider.
  • DYNAMIC_EXECUTION (MEDIUM): The core workflow relies on RUBE_SEARCH_TOOLS to dynamically retrieve tool slugs and schemas at runtime. The agent is instructed to follow these schemas blindly to execute actions via RUBE_MULTI_EXECUTE_TOOL. This runtime assembly of executable logic from external data is a significant security surface.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill is vulnerable to indirect injection via the tool discovery process.
  • Ingestion points: Tool schemas and 'known pitfalls' returned by the RUBE_SEARCH_TOOLS command.
  • Boundary markers: None. The instructions tell the agent to 'Always search tools first' and use the results directly.
  • Capability inventory: Includes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, which can execute arbitrary tools within the connected toolkit.
  • Sanitization: No validation or sanitization of the discovered tool names or arguments is mentioned before execution.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:46 PM