rippling-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill relies on dynamic output from RUBE_SEARCH_TOOLS to determine execution plans and tool schemas. If the remote service provides malicious instructions within these schemas, the agent may execute unintended actions.
      • Ingestion points: RUBE_SEARCH_TOOLS response body.
      • Boundary markers: Absent; the agent is instructed to follow the execution plans returned by the tool.
      • Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH (can perform write operations in Rippling).
      • Sanitization: Absent; the skill directs the agent to use exact field names and types from search results.
  • External Dependency (LOW): The skill requires the addition of an external MCP server (https://rube.app/mcp) which is not on the trusted source list. This server acts as a proxy for sensitive Rippling data.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:48 PM