re-amaze-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill requires the user to add 'https://rube.app/mcp' as a remote MCP server. Since this domain is not part of the trusted organizations list, it is classified as an unverifiable external dependency, though it is the core provider for the skill's functionality.\n- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted customer data from Re Amaze tickets. \n
- Ingestion points: Customer support tickets and messages retrieved from the Re Amaze API.\n
- Boundary markers: Absent; there are no specified delimiters or instructions to ignore commands within retrieved data.\n
- Capability inventory: The skill uses RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, which provide extensive capabilities to interact with the Re Amaze API and remote environments.\n
- Sanitization: No evidence of sanitization or validation of the retrieved content before it is processed by the agent.\n- COMMAND_EXECUTION (LOW): The skill employs dynamic tool discovery and execution (Category 10). It uses 'RUBE_SEARCH_TOOLS' to fetch schemas at runtime and then executes tools based on those results, which creates a dynamic execution surface.
Audit Metadata