the-odds-api-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill requires the configuration of an external Model Context Protocol (MCP) server located at https://rube.app/mcp. This domain is not included in the 'Trusted External Sources' list, requiring users to trust the third-party provider for tool orchestration.
- PROMPT_INJECTION (LOW): Detected an Indirect Prompt Injection surface (Category 8).
  - Ingestion points: The agent is instructed to use RUBE_SEARCH_TOOLS to fetch dynamic tool schemas, execution plans, and 'pitfalls' from the remote rube.app endpoint.
  - Boundary markers: Absent. The instructions explicitly prioritize fetched remote data over static definitions, advising the agent to 'Never hardcode tool slugs'.
  - Capability inventory: The skill utilizes RUBE_MULTI_EXECUTE_TOOL and RUBE_REMOTE_WORKBENCH, allowing for the execution of arbitrary tools defined by the fetched remote content.
  - Sanitization: Absent. The skill mandates using 'exact field names and types' provided by the search results without validation.
- COMMAND_EXECUTION (SAFE): While the skill mentions a 'Remote Workbench' and executing tools, these are managed through the MCP framework rather than direct shell command execution on the host system.
Audit Metadata