productlane-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION, NO_CODE
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill directs the agent to connect to an external MCP server at https://rube.app/mcp. This endpoint is not on the trusted sources list and serves as a provider for tool logic. Severity is lowered as this is the primary intended purpose of the skill.
- PROMPT_INJECTION (LOW): The workflow presents an indirect prompt injection surface (Category 8c). The agent executes tools based on schemas and plans fetched dynamically from the Rube service via RUBE_SEARCH_TOOLS.
  - Ingestion points: tool schemas and recommended plans from RUBE_SEARCH_TOOLS (SKILL.md)
  - Boundary markers: None specified
  - Capability inventory: RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH
  - Sanitization: None described
- NO_CODE (SAFE): The skill does not include any Python or Node.js scripts, minimizing the risk of direct malicious code execution from the skill package itself.