respond-io-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE] (SAFE): No malicious patterns or executable code detected within the skill file.
- [EXTERNAL_DOWNLOADS] (LOW): The skill references an external MCP server endpoint (https://rube.app/mcp). While not on the pre-approved trusted list, it is a known integration endpoint for the service.
- [Indirect Prompt Injection] (LOW): The skill instructs the agent to ingest and act upon data from external tool outputs. 1. Ingestion points: Output from RUBE_SEARCH_TOOLS. 2. Boundary markers: Not explicitly defined in instructions. 3. Capability inventory: Tool execution via RUBE_MULTI_EXECUTE_TOOL. 4. Sanitization: Not mentioned.
Audit Metadata