shotstack-automation

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM EXTERNAL_DOWNLOADS COMMAND_EXECUTION
Full Analysis
  • [Unverifiable Dependencies] (MEDIUM): The skill relies on the external MCP endpoint https://rube.app/mcp. This source is not among the pre-approved trusted entities, meaning its security posture and the integrity of the tool definitions it provides cannot be verified.
  • [Dynamic Execution] (MEDIUM): The skill is configured to fetch its operational logic (tool slugs, schemas, and execution plans) at runtime. This dynamic loading of capabilities from a remote source allows the external service to influence agent behavior beyond the local instructions.
  • [Indirect Prompt Injection] (MEDIUM): By design, the skill processes external data from the Rube search tool to determine its next steps. If the remote service returns adversarial tool descriptions, it could manipulate the agent into performing unintended actions within the Shotstack environment.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 01:33 PM