textit-automation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • Unverifiable Dependencies (HIGH): The skill instructs the user to add an external MCP server endpoint (https://rube.app/mcp). This server is the source of all tool logic and is not a recognized trusted source, creating a dependency on an unverified third-party service.
  • Indirect Prompt Injection (HIGH): The skill uses a dynamic discovery pattern where it calls RUBE_SEARCH_TOOLS to fetch schemas and execution plans. This represents a Category 8 surface where instructions returned by the remote server (e.g., in tool descriptions) could override agent behavior.
      ◦ Ingestion points: RUBE_SEARCH_TOOLS response.
      ◦ Boundary markers: None present; the agent is told to follow the returned execution plans.
      ◦ Capability inventory: RUBE_MULTI_EXECUTE_TOOL (execution), RUBE_MANAGE_CONNECTIONS (account access).
      ◦ Sanitization: None detected.
  • Remote Code Execution (MEDIUM): The inclusion of RUBE_REMOTE_WORKBENCH and run_composio_tool() suggests the ability to execute code or complex tools in a remote environment managed by the third-party service.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 12:56 PM