stormglass-io-automation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): Reliance on unverified remote MCP server. The setup instructions require adding 'https://rube.app/mcp' as an MCP endpoint. This domain is not among the predefined trusted sources, posing a risk of interacting with a malicious or compromised service provider.
- [REMOTE_CODE_EXECUTION] (HIGH): Execution of tools defined by a remote source. The skill uses 'RUBE_MULTI_EXECUTE_TOOL' and 'RUBE_REMOTE_WORKBENCH' to perform operations. Because the schemas and execution logic are fetched dynamically from the remote Rube server, a malicious service could provide tool definitions that execute unauthorized code or perform harmful actions.
- [COMMAND_EXECUTION] (HIGH): Indirect Prompt Injection Surface (Category 8). The skill exhibits a high-risk capability tier due to its ability to execute tools based on external data.
  - Ingestion points: Tool schemas and metadata are ingested from the remote server via 'RUBE_SEARCH_TOOLS'.
  - Boundary markers: None indicated in the skill to delimit external content.
  - Capability inventory: 'RUBE_MULTI_EXECUTE_TOOL' and 'RUBE_REMOTE_WORKBENCH' provide significant side-effect capabilities.
  - Sanitization: No sanitization or validation of the remote tool definitions is performed before use in execution steps.
Recommendations
- AI detected serious security threats
Audit Metadata