sevdesk-automation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and execute tool schemas fetched dynamically from an external search tool.
      • Ingestion points: Tool definitions and schemas returned by RUBE_SEARCH_TOOLS as described in Step 1 of the Core Workflow.
      • Boundary markers: None. The instructions do not provide delimiters or warnings to ignore malicious instructions embedded in the returned schemas.
      • Capability inventory: The agent is granted capabilities to execute business operations via RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH.
      • Sanitization: Absent. The skill assumes the integrity of the tool slugs and arguments provided by the external search service.
  • External Downloads (LOW): The skill references an external MCP server endpoint (https://rube.app/mcp) that is not part of the trusted repository or organization list. While standard for Rube/Composio integrations, it constitutes an external dependency.
  • No Local Code (SAFE): The skill consists entirely of markdown instructions and does not bundle any Python, JavaScript, or shell scripts, reducing the risk of direct local exploit execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:45 PM