supadata-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- No Code Detected (SAFE): The skill consists entirely of markdown instructions. No scripts, binaries, or automated installation commands are present in the provided file.- Indirect Prompt Injection Surface (LOW): The documentation instructs the agent to dynamically discover tool schemas and execution plans from a remote server via
RUBE_SEARCH_TOOLS. While standard for MCP, this creates a surface where a third-party server could influence agent behavior. Evidence Chain: 1. Ingestion points: tool schema data fromRUBE_SEARCH_TOOLS. 2. Boundary markers: None mentioned. 3. Capability inventory:RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCH. 4. Sanitization: No sanitization instructions provided for the returned schema data.
Audit Metadata