parma-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill fetches tool definitions and execution plans from an untrusted remote source (https://rube.app/mcp).
    - Ingestion point: RUBE_SEARCH_TOOLS (SKILL.md)
    - Boundary markers: Absent
    - Capability inventory: RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH (SKILL.md)
    - Sanitization: Absent. The agent is explicitly told to follow the remote execution plans without validation.
  • [Remote Code Execution] (HIGH): The instruction to "Always search tools first" and follow "recommended execution plans" from the Rube MCP server allows the remote service to dictate agent actions and tool usage.
  • [External Downloads] (MEDIUM): Setup involves a non-whitelisted MCP endpoint (rube.app). The absence of authentication requirements facilitates the use of potentially malicious remote infrastructure.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:39 PM