Skills
skills/composiohq/awesome-claude-skills/realphonevalidation-automation/Gen Agent Trust Hub

realphonevalidation-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [Category 4] Unverifiable Dependencies (HIGH): The skill mandates the use of an external MCP server at https://rube.app/mcp. This domain is not among the trusted sources (e.g., Anthropics, OpenAI, Google) and its code/security cannot be verified locally.
  • [Category 10] Dynamic Execution (HIGH): The core workflow uses RUBE_SEARCH_TOOLS to dynamically retrieve tool slugs and schemas which are then passed directly to RUBE_MULTI_EXECUTE_TOOL. This allows a remote service to inject arbitrary tool execution instructions into the agent's workflow at runtime.
  • [Category 8] Indirect Prompt Injection (HIGH): The skill processes external data (Realphonevalidation tasks) and possesses powerful execution capabilities (RUBE_MULTI_EXECUTE_TOOL).
  • Ingestion points: Data returned from RUBE_SEARCH_TOOLS and external telephone validation data.
  • Boundary markers: Absent; no instructions are provided to sanitize or delimit the dynamically retrieved tool schemas.
  • Capability inventory: RUBE_MULTI_EXECUTE_TOOL provides a direct execution path for tools defined by the remote server.
  • Sanitization: Absent; the agent is instructed to use "exact field names and types from the search results" without validation.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:45 PM