project-bubble-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill instructs the agent to connect to an external MCP server at https://rube.app/mcp. While this is the intended method for utilizing the Rube/Composio integration, the domain is not part of the pre-approved trusted sources list, creating an unverified external dependency.
  • COMMAND_EXECUTION (LOW): The skill utilizes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, enabling the agent to perform remote operations. The security of these actions relies on the integrity of the remote provider and the active connection established via RUBE_MANAGE_CONNECTIONS.
  • PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its reliance on dynamically fetched schemas.
      ◦ Ingestion points: Tool schemas and execution plans returned by RUBE_SEARCH_TOOLS at runtime.
      ◦ Boundary markers: Absent; the agent is not instructed to verify or treat the returned schemas as untrusted data.
      ◦ Capability inventory: Remote tool execution, connection management, and workbench access across all referenced RUBE tools.
      ◦ Sanitization: Absent; the skill explicitly requires the agent to use the exact field names and types returned by the remote search results.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:43 PM