Skills
skills/composiohq/awesome-claude-skills/smugmug-automation/Gen Agent Trust Hub

smugmug-automation

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill consumes instructions from a remote MCP server and uses them to perform actions with significant side effects. * Ingestion points: Results from RUBE_SEARCH_TOOLS at https://rube.app/mcp. * Boundary markers: Absent; the agent is explicitly told to trust the remote schema. * Capability inventory: RUBE_MULTI_EXECUTE_TOOL provides write/execute permissions on the Smugmug toolkit. * Sanitization: Absent.
  • [Unverifiable Dependencies & Remote Code Execution] (HIGH): The use of a remote MCP server from a non-whitelisted domain (rube.app) allows that domain to influence the agent's execution logic.
  • [External Downloads] (MEDIUM): The endpoint https://rube.app/mcp is an untrusted external source.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 12:30 AM