text-to-pdf-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- External Downloads (LOW): The skill requires connecting to an external MCP server hosted at
https://rube.app/mcp. This domain is not on the predefined list of trusted external sources. While this is necessary for the skill's functionality, it introduces a dependency on a third-party service. - Indirect Prompt Injection (LOW): The skill processes arbitrary text input to generate PDF files, creating a surface for indirect prompt injection.
- Ingestion points: The skill ingests user-supplied text through tools discovered via
RUBE_SEARCH_TOOLS. - Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the documentation.
- Capability inventory: The skill utilizes
RUBE_MULTI_EXECUTE_TOOLandRUBE_REMOTE_WORKBENCH, providing the agent with the ability to execute various tools based on server-provided schemas. - Sanitization: No sanitization or validation steps for the input text are mentioned in the skill definition.
Audit Metadata