Skills
skills/composiohq/awesome-claude-skills/shipengine-automation/Gen Agent Trust Hub

shipengine-automation

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill relies on an external MCP server located at https://rube.app/mcp. This domain and service are not included in the predefined list of trusted sources, requiring manual verification of the provider's security posture.
  • [COMMAND_EXECUTION] (MEDIUM): The workflow involves dynamic execution of tools (RUBE_MULTI_EXECUTE_TOOL) using schemas and 'execution plans' fetched at runtime from the remote MCP server. If the server is compromised, it could return malicious tool definitions or arguments.
  • [PROMPT_INJECTION] (LOW): Vulnerability to indirect prompt injection via data processed at runtime.
  • Ingestion points: Tool schemas and recommended plans returned by RUBE_SEARCH_TOOLS.
  • Boundary markers: None; the agent is told to 'Always search tools first' and follow the results directly.
  • Capability inventory: RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH provide execution capabilities.
  • Sanitization: None; the skill instructs using 'exact field names' from search results.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:41 PM