Skills
skills/composiohq/awesome-claude-skills/opencage-automation/Gen Agent Trust Hub

opencage-automation

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill instructs the user to add an unverified MCP server at https://rube.app/mcp. This domain is not in the trusted scope, representing a third-party dependency with total control over provided tools.
  • REMOTE_CODE_EXECUTION (HIGH): Execution is performed via RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH based on definitions fetched from the remote server. This constitutes remote instruction execution.
  • COMMAND_EXECUTION (MEDIUM): The RUBE_REMOTE_WORKBENCH tool permits executing tasks (run_composio_tool) in a remote environment.
  • PROMPT_INJECTION (HIGH): Category 8: High risk of indirect prompt injection. The skill mandates fetching tool schemas from RUBE_SEARCH_TOOLS (Ingestion point: https://rube.app/mcp) without boundary markers or sanitization, and then using these schemas to drive RUBE_MULTI_EXECUTE_TOOL (Capability: execute).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 07:57 AM