Skills
skills/composiohq/awesome-claude-skills/metaads-automation/Gen Agent Trust Hub

metaads-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [External Downloads] (HIGH): The skill instructs the user to configure an external MCP server at https://rube.app/mcp. This source is not recognized as a trusted provider, meaning the tool definitions and execution logic it provides are unverifiable.
  • [Prompt Injection] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8). It processes data from an external platform (Metaads) and possesses high-privilege write/execute capabilities. 1. Ingestion points: Result data from RUBE_SEARCH_TOOLS and Metaads API calls. 2. Boundary markers: No delimiters or instructions to ignore embedded commands are present. 3. Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH allow for wide-ranging side effects. 4. Sanitization: No evidence of data validation or escaping for external content.
  • [Command Execution] (HIGH): The presence of RUBE_REMOTE_WORKBENCH with run_composio_tool() enables execution in a remote environment with opaque oversight, increasing the risk of unauthorized campaign modifications or data access.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:15 PM