remarkety-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it ingests tool definitions dynamically. 1. Ingestion points: RUBE_SEARCH_TOOLS responses from rube.app. 2. Boundary markers: Absent. 3. Capability inventory: Executes remote tools via RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH. 4. Sanitization: Absent.
- [EXTERNAL_DOWNLOADS] (SAFE): References an external MCP endpoint (rube.app). This is standard for MCP integrations and does not involve local code execution.
Audit Metadata