qualaroo-automation

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill presents a high-risk attack surface for indirect prompt injection when processing untrusted external content.
      • Ingestion points: Processes external survey data and response content from the Qualaroo platform.
      • Boundary markers: No delimiters or 'ignore instructions' warnings are defined to isolate untrusted data.
      • Capability inventory: Uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH which allow for arbitrary tool execution and side effects based on processed content.
      • Sanitization: No input validation or sanitization mechanisms are described for the data received from Qualaroo.
  • Unverifiable Dependencies (MEDIUM): The skill directs the user to add https://rube.app/mcp as an MCP server. This endpoint is not a recognized trusted source and could serve malicious tool schemas or execution plans.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 12:35 AM