nango-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, NO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill establishes an attack surface for indirect prompt injection by instructing the agent to dynamically fetch tool schemas and execution plans from an external MCP server.
      • Ingestion points: Data returned from RUBE_SEARCH_TOOLS (SKILL.md).
      • Boundary markers: Absent; instructions tell the agent to "use exact field names and types from search results."
      • Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH provide execution capabilities based on fetched data.
      • Sanitization: No sanitization or validation logic is defined for the dynamic tool schemas.
  • Remote Code Execution (LOW): The skill facilitates remote execution through the RUBE_REMOTE_WORKBENCH tool. While the execution happens on the external Composio/Rube infrastructure rather than the local system, it grants the agent the ability to run code in a remote environment based on instructions from a third-party server (rube.app).
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:41 PM