Skills
skills/composiohq/awesome-claude-skills/neverbounce-automation/Gen Agent Trust Hub

neverbounce-automation

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill instructs the agent to fetch 'recommended execution plans' and 'tool schemas' from the Rube MCP server (RUBE_SEARCH_TOOLS). This creates a vulnerability where the remote service could return malicious instructions that the agent might execute blindly.
  • [External Dependencies] (LOW): The skill requires the configuration of a third-party MCP endpoint (https://rube.app/mcp). This service is not on the trusted providers list and acts as a gateway for all operations.
  • [Command Execution] (MEDIUM): The skill uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH to perform actions. These tools provide significant capabilities to modify data or perform remote operations based on schemas defined at runtime by the external server.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 12:48 PM