Skills
skills/composiohq/awesome-claude-skills/skyfire-automation/Gen Agent Trust Hub

skyfire-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill instructs users to add an MCP server from https://rube.app/mcp, which is not a trusted source. This server controls the tool definitions the agent uses.
  • REMOTE_CODE_EXECUTION (HIGH): The skill utilizes RUBE_REMOTE_WORKBENCH and RUBE_MULTI_EXECUTE_TOOL, which allow for the execution of remote operations defined by the external rube.app service.
  • PROMPT_INJECTION (HIGH): The skill is vulnerable to Indirect Prompt Injection because it requires the agent to 'Always search tools first' using RUBE_SEARCH_TOOLS. The results from this untrusted external call dictate the agent's subsequent logic and tool parameters. Ingestion Point: RUBE_SEARCH_TOOLS response; Boundary markers: Absent; Capability inventory: RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH, RUBE_GET_TOOL_SCHEMAS; Sanitization: None detected.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:40 PM