smartrecruiters-automation

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill demonstrates a vulnerability surface for indirect prompt injection (Category 8).
      • Ingestion points: Data enters the agent context via the RUBE_SEARCH_TOOLS call, which retrieves tool slugs, schemas, and execution plans from the remote endpoint https://rube.app/mcp.
      • Boundary markers: Absent. The skill does not define delimiters or provide instructions for the agent to ignore instructions embedded within the retrieved tool descriptions.
      • Capability inventory: The skill provides access to RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, enabling the agent to perform actions on the user's Smartrecruiters account.
      • Sanitization: No sanitization or validation logic is specified for the data returned from the tool discovery process.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill requires the user to configure https://rube.app/mcp as an MCP server. While this is an external third-party dependency, it is the primary mechanism for the skill's intended functionality and follows standard MCP integration practices.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 18, 2026, 01:44 AM