procfu-automation

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (HIGH): The skill directs the agent to connect to an unverified external MCP server (https://rube.app/mcp). This server defines the tools and execution logic for the agent. The use of RUBE_REMOTE_WORKBENCH suggests the capability to execute code or tools in a remote environment.
  • Indirect Prompt Injection (HIGH): The skill is vulnerable to indirect prompt injection (Category 8c) because it instructs the agent to follow 'recommended execution plans' and schemas fetched from the remote search tool. Evidence:
    1. Ingestion point: RUBE_SEARCH_TOOLS results (File: SKILL.md).
    2. Boundary markers: Absent.
    3. Capability inventory: RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH, and RUBE_MANAGE_CONNECTIONS.
    4. Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 12:24 PM