ragic-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): Relies on a remote MCP server at rube.app/mcp which is not on the trusted sources list.
- COMMAND_EXECUTION (MEDIUM): Implements dynamic tool execution where slugs and schemas are retrieved via RUBE_SEARCH_TOOLS at runtime, preventing static verification of the full command set.
- PROMPT_INJECTION (LOW): Potential surface for indirect prompt injection. (1) Ingestion points: RUBE_SEARCH_TOOLS response. (2) Boundary markers: Absent. (3) Capability inventory: RUBE_MULTI_EXECUTE_TOOL. (4) Sanitization: Absent.
Audit Metadata