segmetrics-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill instructs the user to add an external MCP server endpoint (
https://rube.app/mcp). While this is the primary purpose of the skill, the domain is not part of the predefined trusted source list. - REMOTE_CODE_EXECUTION (LOW): The skill utilizes tools like
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCHwhich execute operations on a remote environment. This is the intended behavior for interacting with the Composio/Segmetrics ecosystem. - INDIRECT_PROMPT_INJECTION (LOW): The skill possesses an attack surface where instructions could be embedded in the data retrieved from the remote server.
- Ingestion points: Tool schemas and use-case search results returned by
RUBE_SEARCH_TOOLS. - Boundary markers: Absent; the skill does not define specific delimiters to separate tool-provided data from system instructions.
- Capability inventory: The skill uses
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCHwhich can perform various automated actions based on input from the search results. - Sanitization: No sanitization or validation of the remote data is specified.
Audit Metadata