placid-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill requires users to add
https://rube.app/mcpas an MCP server. This domain is not included in the 'Trusted External Sources' list, representing an unverifiable remote dependency that provides the logic for the agent's tools. - COMMAND_EXECUTION (LOW): The skill uses
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCHto perform operations. These tools execute actions based on schemas retrieved dynamically from the external service. - INDIRECT_PROMPT_INJECTION (LOW): The core workflow involves calling
RUBE_SEARCH_TOOLSto retrieve 'recommended execution plans' and tool schemas. This data is ingested directly into the agent's context and used to drive subsequent tool calls. - Ingestion points: Tool schemas and execution plans returned by the
rube.appMCP server viaRUBE_SEARCH_TOOLS. - Boundary markers: None identified; the skill instructions encourage following the returned plans exactly.
- Capability inventory: Ability to execute arbitrary Placid toolkit operations via
RUBE_MULTI_EXECUTE_TOOLand general bulk operations viaRUBE_REMOTE_WORKBENCH. - Sanitization: None documented; the skill emphasizes 'Schema compliance' using the exact field names and types provided by the search results.
Audit Metadata